Executive Summary
Summary | |
---|---|
Title | oprofile security update |
Informations | |||
---|---|---|---|
Name | DSA-2254 | First vendor Publication | 2011-06-03 |
Vendor | Debian | Last vendor Modification | 2011-07-11 |
Severity (Vendor) | N/A | Revision | 2 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Jamie Strandboge noticed that the patch propoused to fix CVE-2011-1760 in OProfile has been incomplete. For reference, the description of the original DSA, is: OProfile is a performance profiling tool which is configurable by opcontrol, its control utility. Stephane Chauveau reported several ways to inject arbitrary commands in the arguments of this utility. If a local unprivileged user is authorized by sudoers file to run opcontrol as root, this user could use the flaw to escalate his privileges. For the oldstable distribution (lenny), this problem has been fixed in version 0.9.3-2+lenny2. For the stable distribution (squeeze), this problem has been fixed in version 0.9.6-1.1+squeeze2. For the testing distribution (wheezy), this problem has been fixed in version 0.9.6-1.4. For the unstable distribution (sid), this problem has been fixed in version 0.9.6-1.4. We recommend that you upgrade your oprofile packages. |
Original Source
Url : http://www.debian.org/security/2011/dsa-2254 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
25 % | CWE-264 | Permissions, Privileges, and Access Controls |
25 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
25 % | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
25 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12839 | |||
Oval ID: | oval:org.mitre.oval:def:12839 | ||
Title: | DSA-2254-2 oprofile -- command injection | ||
Description: | Jamie Strandboge noticed that the patch propoused to fix CVE-2011-1760 in OProfile has been incomplete. For reference, the description of the original DSA, is: OProfile is a performance profiling tool which is configurable by opcontrol, its control utility. Stephane Chauveau reported several ways to inject arbitrary commands in the arguments of this utility. If a local unprivileged user is authorised by sudoers file to run opcontrol as root, this user could use the flaw to escalate his privileges. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2254-2 CVE-2011-1760 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | oprofile |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13066 | |||
Oval ID: | oval:org.mitre.oval:def:13066 | ||
Title: | DSA-2254-1 oprofile -- command injection | ||
Description: | OProfile is a performance profiling tool which is configurable by opcontrol, its control utility. Stephane Chauveau reported several ways to inject arbitrary commands in the arguments of this utility. If a local unprivileged user is authorised by sudoers file to run opcontrol as root, this user could use the flaw to escalate his privileges. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2254-1 CVE-2011-1760 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | oprofile |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14110 | |||
Oval ID: | oval:org.mitre.oval:def:14110 | ||
Title: | USN-1166-1 -- oprofile vulnerabilities | ||
Description: | oprofile: System-wide profiler for Linux systems OProfile could be made to run programs as an administrator. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1166-1 CVE-2011-1760 CVE-2011-2471 CVE-2011-2472 | Version: | 5 |
Platform(s): | Ubuntu 10.04 | Product(s): | oprofile |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-03 | Name : Debian Security Advisory DSA 2254-1 (oprofile) File : nvt/deb_2254_1.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2254-2 (oprofile) File : nvt/deb_2254_2.nasl |
2011-07-27 | Name : Fedora Update for oprofile FEDORA-2011-8076 File : nvt/gb_fedora_2011_8076_oprofile_fc15.nasl |
2011-07-27 | Name : Fedora Update for oprofile FEDORA-2011-8087 File : nvt/gb_fedora_2011_8087_oprofile_fc14.nasl |
2011-07-18 | Name : Ubuntu Update for oprofile USN-1166-1 File : nvt/gb_ubuntu_USN_1166_1.nasl |
2011-06-20 | Name : OProfile Multiple Vulnerabilities File : nvt/gb_oprofile_mult_vuln.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
73719 | OProfile utils/opcontrol do_dump_data Function --session-dir Argument opd_pip... |
73717 | OProfile utils/opcontrol --save Argument Traversal Arbitrary File Overwrite |
73716 | OProfile utils/opcontrol daemonrc Multiple Argument Shell Metacharacter Local... |
72792 | OProfile utils/opcontrol Shell Metacharacter Eval Injection Local Privilege E... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-12-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-09.nasl - Type : ACT_GATHER_INFO |
2011-07-26 | Name : The remote Fedora host is missing a security update. File : fedora_2011-8076.nasl - Type : ACT_GATHER_INFO |
2011-07-26 | Name : The remote Fedora host is missing a security update. File : fedora_2011-8087.nasl - Type : ACT_GATHER_INFO |
2011-07-12 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1166-1.nasl - Type : ACT_GATHER_INFO |
2011-06-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2254.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:30:14 |
|