Executive Summary
Summary | |
---|---|
Title | systemtap security update |
Information | |||
---|---|---|---|
Name | RHSA-2011:0842 | First vendor Publication | 2011-05-31 |
Vendor | RedHat | Last vendor Modification | 2011-05-31 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:H/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 1.2 | Attack Range | Local |
Cvss Impact Score | 2.9 | Attack Complexity | High |
Cvss Exploit Score | 1.9 | Authentication | None Required |
Detail
Problem Description: Updated systemtap packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description: SystemTap is an instrumentation system for systems running the Linux kernel, version 2.
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2011-0842.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:21491 | |||
Oval ID: | oval:org.mitre.oval:def:21491 | ||
Title: | RHSA-2011:0841: systemtap security update (Moderate) | ||
Description: | SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs context variable access. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0841-01 CESA-2011:0841 CVE-2011-1769 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | systemtap |
Definition Id: oval:org.mitre.oval:def:21790 | |||
Oval ID: | oval:org.mitre.oval:def:21790 | ||
Title: | RHSA-2011:0842: systemtap security update (Moderate) | ||
Description: | SystemTap 1.4, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs stack unwinding (aka backtracing). | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0842-01 CVE-2011-1769 CVE-2011-1781 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | systemtap |
Definition Id: oval:org.mitre.oval:def:23122 | |||
Oval ID: | oval:org.mitre.oval:def:23122 | ||
Title: | ELSA-2011:0841: systemtap security update (Moderate) | ||
Description: | SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs context variable access. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:0841-01 CVE-2011-1769 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | systemtap |
Definition Id: oval:org.mitre.oval:def:23507 | |||
Oval ID: | oval:org.mitre.oval:def:23507 | ||
Title: | ELSA-2011:0842: systemtap security update (Moderate) | ||
Description: | SystemTap 1.4, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs stack unwinding (aka backtracing). | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:0842-01 CVE-2011-1769 CVE-2011-1781 | Version: | 13 |
Platform(s): | Oracle Linux 6 | Product(s): | systemtap |
Definition Id: oval:org.mitre.oval:def:27606 | |||
Oval ID: | oval:org.mitre.oval:def:27606 | ||
Title: | DEPRECATED: ELSA-2011-0841 -- systemtap security update (moderate) | ||
Description: | [1.3-4.1] - bz702687 (patch) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0841 CVE-2011-1769 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | systemtap |
Definition Id: oval:org.mitre.oval:def:27808 | |||
Oval ID: | oval:org.mitre.oval:def:27808 | ||
Title: | DEPRECATED: ELSA-2011-0842 -- systemtap security update (moderate) | ||
Description: | [1.4.6.0.1.el6_1.1] - remove doc/SystemTap_Beginners_Guide/en-US in tarball - comment bz683569.patch in specfile [1.3-4.1] - bz702687 (patch) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0842 CVE-2011-1769 CVE-2011-1781 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | systemtap |
OpenVAS Exploits
Date | Name | File |
---|---|---|
2012-07-30 | CentOS Update for systemtap CESA-2011:0841 centos5 x86_64 | nvt/gb_CESA-2011_0841_systemtap_centos5_x86_64.nasl |
2012-06-06 | RedHat Update for systemtap RHSA-2011:0842-01 | nvt/gb_RHSA-2011_0842-01_systemtap.nasl |
2011-10-21 | Mandriva Update for systemtap MDVSA-2011:154 (systemtap) | nvt/gb_mandriva_MDVSA_2011_154.nasl |
2011-08-09 | CentOS Update for systemtap CESA-2011:0841 centos5 i386 | nvt/gb_CESA-2011_0841_systemtap_centos5_i386.nasl |
2011-06-06 | RedHat Update for systemtap RHSA-2011:0841-01 | nvt/gb_RHSA-2011_0841-01_systemtap.nasl |
2011-06-03 | Fedora Update for systemtap FEDORA-2011-7289 | nvt/gb_fedora_2011_7289_systemtap_fc13.nasl |
2011-06-03 | Fedora Update for systemtap FEDORA-2011-7302 | nvt/gb_fedora_2011_7302_systemtap_fc14.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
73278 | SystemTap runtime/unwind.c compute_expr() Function Divide-by-zero DWARF Infor... |
73277 | SystemTap loc2c.c translate() Function Division By Zero DWARF Information Han... |
Nessus® Vulnerability Scanner
Date | Name | File | Type |
---|---|---|---|
2013-07-12 | The remote Oracle Linux host is missing one or more security updates. | oraclelinux_ELSA-2011-0841.nasl | ACT_GATHER_INFO |
2013-07-12 | The remote Oracle Linux host is missing one or more security updates. | oraclelinux_ELSA-2011-0842.nasl | ACT_GATHER_INFO |
2013-06-29 | The remote CentOS host is missing one or more security updates. | centos_RHSA-2011-0841.nasl | ACT_GATHER_INFO |
2012-09-06 | The remote Mandriva Linux host is missing a security update. | mandriva_MDVSA-2011-155.nasl | ACT_GATHER_INFO |
2012-08-01 | The remote Scientific Linux host is missing one or more security updates. | sl_20110531_systemtap_on_SL5_x.nasl | ACT_GATHER_INFO |
2012-08-01 | The remote Scientific Linux host is missing one or more security updates. | sl_20110531_systemtap_on_SL6_x.nasl | ACT_GATHER_INFO |
2011-10-18 | The remote Mandriva Linux host is missing a security update. | mandriva_MDVSA-2011-154.nasl | ACT_GATHER_INFO |
2011-06-01 | The remote Red Hat host is missing one or more security updates. | redhat-RHSA-2011-0841.nasl | ACT_GATHER_INFO |
2011-06-01 | The remote Red Hat host is missing one or more security updates. | redhat-RHSA-2011-0842.nasl | ACT_GATHER_INFO |
2011-05-27 | The remote Fedora host is missing a security update. | fedora_2011-7289.nasl | ACT_GATHER_INFO |
2011-05-27 | The remote Fedora host is missing a security update. | fedora_2011-7302.nasl | ACT_GATHER_INFO |
2011-05-27 | The remote Fedora host is missing a security update. | fedora_2011-7314.nasl | ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 11:54:45 |
|