Executive Summary

Informations
NameCVE-2010-4170First vendor Publication2010-12-07
VendorCveLast vendor Modification2012-07-27

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score7.2Attack RangeLocal
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment variable to specify a malicious configuration file.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4170

CWE : Common Weakness Enumeration

idName
CWE-264Permissions, Privileges, and Access Controls

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

ExploitDB Exploits

idDescription
2010-11-26Local Root Privilege Escalation Vulnerability in systemtap

OpenVAS Exploits

DateDescription
2012-02-11Name : Debian Security Advisory DSA 2348-1 (systemtap)
File : nvt/deb_2348_1.nasl
2011-08-09Name : CentOS Update for systemtap CESA-2010:0894 centos5 i386
File : nvt/gb_CESA-2010_0894_systemtap_centos5_i386.nasl
2011-06-03Name : Fedora Update for systemtap FEDORA-2011-7289
File : nvt/gb_fedora_2011_7289_systemtap_fc13.nasl
2011-06-03Name : Fedora Update for systemtap FEDORA-2011-7302
File : nvt/gb_fedora_2011_7302_systemtap_fc14.nasl
2010-12-02Name : Fedora Update for systemtap FEDORA-2010-17865
File : nvt/gb_fedora_2010_17865_systemtap_fc14.nasl
2010-11-23Name : Fedora Update for systemtap FEDORA-2010-17868
File : nvt/gb_fedora_2010_17868_systemtap_fc12.nasl
2010-11-23Name : Fedora Update for systemtap FEDORA-2010-17873
File : nvt/gb_fedora_2010_17873_systemtap_fc13.nasl
2010-11-23Name : RedHat Update for systemtap RHSA-2010:0894-01
File : nvt/gb_RHSA-2010_0894-01_systemtap.nasl
2010-11-23Name : RedHat Update for systemtap RHSA-2010:0895-01
File : nvt/gb_RHSA-2010_0895-01_systemtap.nasl
2010-11-23Name : CentOS Update for systemtap CESA-2010:0895 centos4 i386
File : nvt/gb_CESA-2010_0895_systemtap_centos4_i386.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
69489SystemTap /usr/bin/staprun Kernel Module Loading Local Privilege Escalation

Nessus® Vulnerability Scanner

DateDescription
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0894.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0895.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20101117_systemtap_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20101117_systemtap_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2011-11-22Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2348.nasl - Type : ACT_GATHER_INFO
2011-05-27Name : The remote Fedora host is missing a security update.
File : fedora_2011-7289.nasl - Type : ACT_GATHER_INFO
2011-05-27Name : The remote Fedora host is missing a security update.
File : fedora_2011-7302.nasl - Type : ACT_GATHER_INFO
2010-11-24Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0894.nasl - Type : ACT_GATHER_INFO
2010-11-24Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0895.nasl - Type : ACT_GATHER_INFO
2010-11-19Name : The remote Fedora host is missing a security update.
File : fedora_2010-17865.nasl - Type : ACT_GATHER_INFO
2010-11-19Name : The remote Fedora host is missing a security update.
File : fedora_2010-17868.nasl - Type : ACT_GATHER_INFO
2010-11-19Name : The remote Fedora host is missing a security update.
File : fedora_2010-17873.nasl - Type : ACT_GATHER_INFO
2010-11-18Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0894.nasl - Type : ACT_GATHER_INFO
2010-11-18Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0895.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
BIDhttp://www.securityfocus.com/bid/44914
CONFIRMhttp://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=commit;h=b7565b412...
DEBIANhttp://www.debian.org/security/2011/dsa-2348
EXPLOIT-DBhttp://www.exploit-db.com/exploits/15620
FEDORAhttp://lists.fedoraproject.org/pipermail/package-announce/2010-November/05111...
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/05112...
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/05112...
MLISThttp://sources.redhat.com/ml/systemtap/2010-q4/msg00230.html
REDHAThttp://www.redhat.com/support/errata/RHSA-2010-0894.html
http://www.redhat.com/support/errata/RHSA-2010-0895.html
SECTRACKhttp://www.securitytracker.com/id?1024754
SECUNIAhttp://secunia.com/advisories/42256
http://secunia.com/advisories/42263
http://secunia.com/advisories/42306
http://secunia.com/advisories/42318
http://secunia.com/advisories/46920
XFhttp://xforce.iss.net/xforce/xfdb/63344

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2014-02-17 10:58:31
  • Multiple Updates
2013-05-10 23:36:31
  • Multiple Updates