Executive Summary
Summary | |
---|---|
Title | systemtap security update |
Informations | |||
---|---|---|---|
Name | RHSA-2011:1089 | First vendor Publication | 2011-07-25 |
Vendor | RedHat | Last vendor Modification | 2011-07-25 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:H/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 3.7 | Attack Range | Local |
Cvss Impact Score | 6.4 | Attack Complexity | High |
Cvss Expoit Score | 1.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated systemtap packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system. A race condition flaw was found in the way the staprun utility performed module loading. A local user who is a member of the stapusr group could use this flaw to modify a signed module while it is being loaded, allowing them to escalate their privileges. (CVE-2011-2503) SystemTap users should upgrade to these updated packages, which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 716489 - CVE-2011-2503 systemtap: signed module loading race condition |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2011-1089.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15202 | |||
Oval ID: | oval:org.mitre.oval:def:15202 | ||
Title: | DSA-2348-1 systemtap -- several | ||
Description: | Several vulnerabilities were discovered in SystemTap, an instrumentation system for Linux: CVE-2011-2503 It was discovered that a race condition in staprun could lead to privilege escalation. CVE-2010-4170 It was discovered that insufficient validation of environment variables in staprun could lead to privilege escalation. CVE-2010-4171 It was discovered that insufficient validation of module unloading could lead to denial of service. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2348-1 CVE-2010-4170 CVE-2010-4171 CVE-2011-2503 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | systemtap |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21608 | |||
Oval ID: | oval:org.mitre.oval:def:21608 | ||
Title: | RHSA-2011:1088: systemtap security update (Moderate) | ||
Description: | The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:1088-01 CVE-2011-2502 CVE-2011-2503 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | systemtap |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22019 | |||
Oval ID: | oval:org.mitre.oval:def:22019 | ||
Title: | RHSA-2011:1089: systemtap security update (Moderate) | ||
Description: | The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:1089-01 CESA-2011:1089 CVE-2011-2503 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | systemtap |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23350 | |||
Oval ID: | oval:org.mitre.oval:def:23350 | ||
Title: | ELSA-2011:1089: systemtap security update (Moderate) | ||
Description: | The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1089-01 CVE-2011-2503 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | systemtap |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23376 | |||
Oval ID: | oval:org.mitre.oval:def:23376 | ||
Title: | ELSA-2011:1088: systemtap security update (Moderate) | ||
Description: | The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1088-01 CVE-2011-2502 CVE-2011-2503 | Version: | 13 |
Platform(s): | Oracle Linux 6 | Product(s): | systemtap |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27710 | |||
Oval ID: | oval:org.mitre.oval:def:27710 | ||
Title: | DEPRECATED: ELSA-2011-1088 -- systemtap security update (moderate) | ||
Description: | [1.4.6.0.1.el6_1.2] - remove doc/SystemTap_Beginners_Guide/en-US in tarball - comment bz683569.patch in specfile [1.4-6.2] - bz716476 (patch) - bz716489 (patch) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-1088 CVE-2011-2502 CVE-2011-2503 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | systemtap |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28151 | |||
Oval ID: | oval:org.mitre.oval:def:28151 | ||
Title: | DEPRECATED: ELSA-2011-1089 -- systemtap security update (moderate) | ||
Description: | [1.3-9] - bz716489 (patch) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-1089 CVE-2011-2503 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | systemtap |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-07-30 | Name : CentOS Update for systemtap CESA-2011:1089 centos5 x86_64 File : nvt/gb_CESA-2011_1089_systemtap_centos5_x86_64.nasl |
2012-06-06 | Name : RedHat Update for systemtap RHSA-2011:1088-01 File : nvt/gb_RHSA-2011_1088-01_systemtap.nasl |
2012-03-09 | Name : Fedora Update for systemtap FEDORA-2012-2218 File : nvt/gb_fedora_2012_2218_systemtap_fc15.nasl |
2012-02-11 | Name : Debian Security Advisory DSA 2348-1 (systemtap) File : nvt/deb_2348_1.nasl |
2011-09-23 | Name : CentOS Update for systemtap CESA-2011:1089 centos5 i386 File : nvt/gb_CESA-2011_1089_systemtap_centos5_i386.nasl |
2011-08-02 | Name : Fedora Update for systemtap FEDORA-2011-9722 File : nvt/gb_fedora_2011_9722_systemtap_fc15.nasl |
2011-08-02 | Name : Fedora Update for systemtap FEDORA-2011-9739 File : nvt/gb_fedora_2011_9739_systemtap_fc14.nasl |
2011-07-27 | Name : RedHat Update for systemtap RHSA-2011:1089-01 File : nvt/gb_RHSA-2011_1089-01_systemtap.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
74148 | SystemTap staprun Race Condition Module Loading Local Privilege Escalation |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1088.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1089.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110725_systemtap_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110725_systemtap_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2011-11-22 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2348.nasl - Type : ACT_GATHER_INFO |
2011-09-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1089.nasl - Type : ACT_GATHER_INFO |
2011-08-01 | Name : The remote Fedora host is missing a security update. File : fedora_2011-9722.nasl - Type : ACT_GATHER_INFO |
2011-08-01 | Name : The remote Fedora host is missing a security update. File : fedora_2011-9739.nasl - Type : ACT_GATHER_INFO |
2011-07-26 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1088.nasl - Type : ACT_GATHER_INFO |
2011-07-26 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1089.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:54:55 |
|