CyberSec.Space Logo
返回 CVE 浏览器

CVE-2009-0784

MEDIUM
6.3
CVSS Severity Score
EPSS Score0.1470%
EPSS Percentile20.20th
Published2009年3月25日
Last Modified2026年4月23日

Vulnerability Description

Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors.

Affected Platforms (CPE)

📦
Systemtap

Systemtap

= 0.0.20080705
📦
Systemtap

Systemtap

= 0.0.20090314
💻
Debian

Debian Linux

= 4.0
💻
Debian

Debian Linux

= 5.0

References & Advisories

🔗 http://secunia.com/advisories/34441
🔗 http://secunia.com/advisories/34479
🔗 http://secunia.com/advisories/34548
🔗 http://support.avaya.com/elmodocs2/security/ASA-2009-110.htm
🔗 http://www.debian.org/security/2009/dsa-1755
🔗 http://www.redhat.com/support/errata/RHSA-2009-0373.html
🔗 http://www.vupen.com/english/advisories/2009/0907
🔗 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11613

相关漏洞威胁

CVE-2009-427310.0

stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command...

CVE-2010-04127.5

stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an ...

CVE-2010-41707.2

The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local us...

CVE-2012-08755.4

SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive infor...