what you don't know can hurt you
Showing 1 - 25 of 34 RSS Feed

Files

SystemTap 1.3 MODPROBE_OPTIONS Privilege Escalation
Posted Apr 19, 2019
Authored by Tavis Ormandy, Brendan Coles | Site metasploit.com

This Metasploit module attempts to gain root privileges by exploiting a vulnerability in the staprun executable included with SystemTap version 1.3. The staprun executable does not clear environment variables prior to executing modprobe, allowing an arbitrary configuration file to be specified in the MODPROBE_OPTIONS environment variable, resulting in arbitrary command execution with root privileges. This module has been tested successfully on: systemtap 1.2-1.fc13-i686 on Fedora 13 (i686); and systemtap 1.1-3.el5 on RHEL 5.5 (x64).

tags | exploit, arbitrary, root
systems | linux, fedora
advisories | CVE-2010-4170
MD5 | b8d10e29a77409ce1871a790dad33d49

Related Files

Gentoo Linux Security Advisory 201406-04
Posted Jun 5, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201406-4 - A vulnerability in SystemTap could allow a local attacker to create a Denial of Service condition. Versions less than 2.0 are affected.

tags | advisory, denial of service, local
systems | linux, gentoo
advisories | CVE-2012-0875
MD5 | 0b9498e331b773f06f5becb67fd7786d
Red Hat Security Advisory 2012-0376-01
Posted Mar 9, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0376-01 - SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system. An invalid pointer read flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use this flaw to crash the system or, potentially, read arbitrary kernel memory. Additionally, a privileged user could trigger this flaw when tricked into instrumenting a specially-crafted ELF binary, even when unprivileged mode was not enabled.

tags | advisory, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2012-0875
MD5 | a872e62294bbcafa69b0886a70c85bee
Secunia Security Advisory 46920
Posted Nov 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for systemtap. This fixes a security issue and two vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, debian
MD5 | a27ef3aa224f7f289d879a302d60c65a
Debian Security Advisory 2348-1
Posted Nov 21, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2348-1 - Several vulnerabilities were discovered in SystemTap, an instrumentation system for Linux.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2010-4170, CVE-2010-4171, CVE-2011-2503
MD5 | 12e9862125f67c23c25144b036641962
Mandriva Linux Security Advisory 2011-155
Posted Oct 17, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-155 - SystemTap 1.4 and earlier, when unprivileged mode is enabled, allows local users to cause a denial of service via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs context variable access. SystemTap 1.4, when unprivileged mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs stack unwinding. The updated packages have been patched to correct these issues.

tags | advisory, denial of service, local
systems | linux, mandriva
advisories | CVE-2011-1769, CVE-2011-1781
MD5 | 8970f759fd1d7725c9783bfef778ffb4
Mandriva Linux Security Advisory 2011-154
Posted Oct 17, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-154 - SystemTap 1.4 and earlier, when unprivileged mode is enabled, allows local users to cause a denial of service via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs context variable access. The updated packages have been patched to correct this issue.

tags | advisory, denial of service, local
systems | linux, mandriva
advisories | CVE-2011-1769
MD5 | f90fca5c8f8d974f774e3b7163d25612
Secunia Security Advisory 45490
Posted Aug 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for systemtap. This fixes two security issues, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | linux, fedora
MD5 | b2a53eea1b472b5f66ef443168ae57a9
Secunia Security Advisory 45377
Posted Jul 28, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two security issues have been reported in SystemTap, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
MD5 | 9ab26e571f523b995f1a09521a19304f
Secunia Security Advisory 45387
Posted Jul 27, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for systemtap. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | linux, redhat
MD5 | 6a98f4cbec988918916d6612aeca9b73
Secunia Security Advisory 45215
Posted Jul 26, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for systemtap. This fixes two security issues, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | linux, redhat
MD5 | 4131119ad4d3659c9fe169335962a504
Red Hat Security Advisory 2011-1089-01
Posted Jul 26, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1089-01 - SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system. A race condition flaw was found in the way the staprun utility performed module loading. A local user who is a member of the stapusr group could use this flaw to modify a signed module while it is being loaded, allowing them to escalate their privileges. SystemTap users should upgrade to these updated packages, which contain a backported patch to correct this issue.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2011-2503
MD5 | 733ae1fde60866a229cfe4317ef527f8
Red Hat Security Advisory 2011-1088-01
Posted Jul 26, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1088-01 - SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system. It was found that SystemTap did not perform proper module path sanity checking if a user specified a custom path to the uprobes module, used when performing user-space probing . A local user who is a member of the stapusr group could use this flaw to bypass intended module-loading restrictions, allowing them to escalate their privileges by loading an arbitrary, unsigned module.

tags | advisory, arbitrary, kernel, local
systems | linux, redhat
advisories | CVE-2011-2502, CVE-2011-2503
MD5 | 7d5341dc0a9d052f1e4e7859ef74877b
Secunia Security Advisory 44782
Posted Jun 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for systemtap. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, redhat
MD5 | 55be54bb59b4afee5d4c80d673a01191
Secunia Security Advisory 44802
Posted Jun 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for systemtap. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, redhat
MD5 | c7573f43bfd53b579afb6db5df2876e3
Red Hat Security Advisory 2011-0842-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0842-01 - SystemTap is an instrumentation system for systems running the Linux kernel, version 2.6. Developers can write scripts to collect data on the operation of the system. Two divide-by-zero flaws were found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use these flaws to crash the system. Additionally, a privileged user could trigger these flaws when tricked into instrumenting a specially-crafted ELF binary, even when unprivileged mode was not enabled. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2011-1769, CVE-2011-1781
MD5 | 8f8c5e551b4fe688e4b5b9bdaf43236a
Red Hat Security Advisory 2011-0841-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0841-01 - SystemTap is an instrumentation system for systems running the Linux kernel, version 2.6. Developers can write scripts to collect data on the operation of the system. A divide-by-zero flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use this flaw to crash the system. Additionally, a privileged user could trigger this flaw when tricked into instrumenting a specially-crafted ELF binary, even when unprivileged mode was not enabled. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2011-1769
MD5 | 33888b492a6f735f1ffb904fd69f4694
Secunia Security Advisory 44731
Posted May 28, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for systemtap. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, fedora
MD5 | 3446aabe29421e9d7617aa60ed8cdc76
Secunia Security Advisory 44608
Posted May 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in SystemTap, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
MD5 | af699cacedf0bc06a35e2343b0c117c8
Linux Systemtap Privilege Escalation
Posted Nov 26, 2010
Authored by Tavis Ormandy

This code demonstrates a local privilege escalation vulnerability in systemtap.

tags | exploit, local
advisories | CVE-2010-4170
MD5 | f62c8b77d66f8d75a5e96d883f5aba9f
Secunia Security Advisory 42318
Posted Nov 19, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for systemtap. This fixes two vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, fedora
MD5 | 26f4df0fc11f656b71a862ad2ce6d554
Secunia Security Advisory 42306
Posted Nov 18, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for systemtap. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | linux, redhat
MD5 | b0c09590897a210a1aef6d2545353783
Secunia Security Advisory 42263
Posted Nov 18, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for systemtap. This fixes two vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, redhat
MD5 | a136538700472f5c2d674497fbc37d47
Secunia Security Advisory 42256
Posted Nov 18, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in SystemTap, which can be exploited by malicious, local users to gain escalated privileges and cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
MD5 | f443c401442aab4292056fc5b9a6c00f
Secunia Security Advisory 38765
Posted Mar 2, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for systemtap. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious users to compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability
systems | linux, redhat
MD5 | 3e8ac8f32739b221bc2ff3979b6815bd
Secunia Security Advisory 38817
Posted Mar 2, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for systemtap. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.

tags | advisory, denial of service, local
systems | linux, redhat
MD5 | b3a300127a1e846756e3b378165b78c1
Page 1 of 2
Back12Next

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    0 Files
  • 17
    Jan 17th
    0 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close