Vulnerability Details CVE-2009-0784
Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.5%
CVSS Severity
CVSS v2 Score 6.3
References
- http://secunia.com/advisories/34441
- http://secunia.com/advisories/34479
- http://secunia.com/advisories/34548
- http://support.avaya.com/elmodocs2/security/ASA-2009-110.htm
- http://www.debian.org/security/2009/dsa-1755
- http://www.redhat.com/support/errata/RHSA-2009-0373.html
- http://www.vupen.com/english/advisories/2009/0907
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11613
- http://secunia.com/advisories/34441
- http://secunia.com/advisories/34479
- http://secunia.com/advisories/34548
- http://support.avaya.com/elmodocs2/security/ASA-2009-110.htm
- http://www.debian.org/security/2009/dsa-1755
- http://www.redhat.com/support/errata/RHSA-2009-0373.html
- http://www.vupen.com/english/advisories/2009/0907
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11613
Products affected by CVE-2009-0784
-
cpe:2.3:a:systemtap:systemtap:0.0.20080705
-
cpe:2.3:a:systemtap:systemtap:0.0.20090314
-
cpe:2.3:o:debian:debian_linux:4.0
-
cpe:2.3:o:debian:debian_linux:5.0