{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-07-26T19:00:00Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=716476"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=4ecaadf545a729bb3e5f01f6f019716d49815d9a"}, {"name": "45377", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/45377"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2011-2502", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=716476", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=716476"}, {"name": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=commitdiff;h=4ecaadf545a729bb3e5f01f6f019716d49815d9a", "refsource": "CONFIRM", "url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=commitdiff;h=4ecaadf545a729bb3e5f01f6f019716d49815d9a"}, {"name": "45377", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/45377"}, {"name": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=blob;f=NEWS;hb=304d73b1fea24af791f2a129fb141c5009eae6a8", "refsource": "CONFIRM", "url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=blob;f=NEWS;hb=304d73b1fea24af791f2a129fb141c5009eae6a8"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T23:00:34.103Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=716476"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=4ecaadf545a729bb3e5f01f6f019716d49815d9a"}, {"name": "45377", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/45377"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-2502", "datePublished": "2012-07-26T19:00:00Z", "dateReserved": "2011-06-15T00:00:00Z", "dateUpdated": "2024-09-16T20:42:11.436Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:systemtap:systemtap:*:*:*:*:*:*:*:*", "matchCriteriaId": "44665B6E-F588-42BD-9901-268D4DD93BAF", "versionEndIncluding": "1.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "04AE85B6-FE8D-4DD1-BECE-6B7146CF9D73", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "E150AE05-60B4-4ECE-AEFA-3A230DAEBCA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "36FBF185-3189-40C2-B51B-2531F2D88602", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "C62AFF32-856E-4EF9-A87F-C06B6FEEE31F", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "57C746CB-8DFE-4795-931F-42050D7FBEB4", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "986B653D-5CF2-454C-A38F-172D2256E20C", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "AF5E8C63-D68F-4ACA-B0DC-1D9EF6A3BFA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "BD56E555-180D-45C3-9311-EFB32F480035", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "74215553-AB86-4184-B3AB-D82B20275ED6", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "5044754F-66CD-4D17-8874-7303D9F2DCE2", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.10:*:*:*:*:*:*:*", "matchCriteriaId": "DC674046-FC4F-4262-8F71-4DEECAEC1A1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.12:*:*:*:*:*:*:*", "matchCriteriaId": "7A621722-6DD4-461D-AD74-461B9C10C772", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.13:*:*:*:*:*:*:*", "matchCriteriaId": "9B5B77E9-F98C-4310-8D6A-E41A27CD559A", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.14:*:*:*:*:*:*:*", "matchCriteriaId": "B6E9824F-8977-4CE6-BA05-E8899E41066E", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "FF58A998-52F0-4BCA-9FF7-FCCC28E6FCE1", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "C2327CA9-5A80-4C86-BAF6-A9E3BB7085C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "6627D143-6E8D-40DE-BBD0-308FF1B200D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "A1AE49CA-424E-4328-A348-98F2C847D8FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "19E88BF9-1403-40F9-A64E-A1FEFEFC4E2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.9:*:*:*:*:*:*:*", "matchCriteriaId": "3E12D5C4-4BC6-4802-B5CE-5D5A41FB3B71", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "6FD4201A-64B5-4DCC-9696-BD0F8780D200", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "C3FEDD7F-969D-422C-A899-9550EC52EBD7", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.8:*:*:*:*:*:*:*", "matchCriteriaId": "F37EBCB6-8056-466C-B2AB-385DF48EEA8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.9:*:*:*:*:*:*:*", "matchCriteriaId": "0D795EA7-04FC-4D0E-9944-6C9D4882A897", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "7C36C437-D28D-452A-BAF0-4A618A61920B", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "5AB898A5-C8EF-4BBA-B480-00461218FC3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "D06D7E42-666F-43CE-8BE3-0EE915450CC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "3D031679-0C77-4645-B488-DA29BB81FA39", "vulnerable": true}, {"criteria": "cpe:2.3:a:systemtap:systemtap:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "CE5CA99B-6DED-4395-BFE0-C8DB7F504AF0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument."}, {"lang": "es", "value": "runtime/staprun/staprun_funcs.c en la herramienta de tiempo de ejecuci\u00f3n systemtap (staprun) en SystemTap antes de v1.6 no valida correctamente los m\u00f3dulos cuando una ruta del m\u00f3dulo es especificada por un usuario para probar el espacio de usuario, lo que permite obtener privilegios a usuarios locales en el grupo stapusr a trav\u00e9s de un m\u00f3dulo dise\u00f1ado para tal fin en la ruta de b\u00fasqueda con el argumento -u.\r\n"}], "id": "CVE-2011-2502", "lastModified": "2023-11-07T02:07:42.190", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-07-26T19:55:00.700", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/45377"}, {"source": "secalert@redhat.com", "url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"}, {"source": "secalert@redhat.com", "url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=4ecaadf545a729bb3e5f01f6f019716d49815d9a"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=716476"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2011:1088", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "systemtap-0:1.4-6.el6_1.2", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2011-07-25T00:00:00Z"}], "bugzilla": {"description": "systemtap: insufficient security check when loading uprobes kernel module", "id": "716476", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=716476"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:L/AC:L/Au:S/C:C/I:C/A:C", "status": "verified"}, "details": ["runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument."], "name": "CVE-2011-2502", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Not affected", "package_name": "systemtap", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "systemtap", "product_name": "Red Hat Enterprise Linux 5"}], "public_date": "2011-07-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-2502\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-2502"], "threat_severity": "Moderate", "upstream_fix": "systemtap 1.6"}