CVE-2011-1760

Опубликовано: 09 июн. 2011

Источник: nvd

CVSS2: 7.2

EPSS Низкий

Описание

utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to conduct eval injection attacks and gain privileges via shell metacharacters in the -e argument.

Ссылки

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624212
Exploit
http://openwall.com/lists/oss-security/2011/04/29/3
Exploit
Patch
http://openwall.com/lists/oss-security/2011/05/01/1
Exploit
Patch
http://openwall.com/lists/oss-security/2011/05/01/2
Exploit
Patch
http://openwall.com/lists/oss-security/2011/05/02/17
Exploit
Patch
http://openwall.com/lists/oss-security/2011/05/03/2
Exploit
Patch
http://openwall.com/lists/oss-security/2011/05/10/6
http://openwall.com/lists/oss-security/2011/05/10/7
Patch
http://openwall.com/lists/oss-security/2011/05/11/1
http://secunia.com/advisories/44790
http://secunia.com/advisories/45205
http://www.debian.org/security/2011/dsa-2254
http://www.securityfocus.com/bid/47652
Exploit
http://www.ubuntu.com/usn/USN-1166-1
https://bugzilla.redhat.com/show_bug.cgi?id=700883
Exploit
Patch
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624212
Exploit
http://openwall.com/lists/oss-security/2011/04/29/3
Exploit
Patch
http://openwall.com/lists/oss-security/2011/05/01/1
Exploit
Patch
http://openwall.com/lists/oss-security/2011/05/01/2
Exploit
Patch
http://openwall.com/lists/oss-security/2011/05/02/17
Exploit
Patch

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:maynard_johnson:oprofile:*:*:*:*:*:*:*:*

Версия до 0.9.6 (включая)

cpe:2.3:a:maynard_johnson:oprofile:0.1:*:*:*:*:*:*:*

cpe:2.3:a:maynard_johnson:oprofile:0.2:*:*:*:*:*:*:*

cpe:2.3:a:maynard_johnson:oprofile:0.3:*:*:*:*:*:*:*

cpe:2.3:a:maynard_johnson:oprofile:0.4:*:*:*:*:*:*:*

cpe:2.3:a:maynard_johnson:oprofile:0.5:*:*:*:*:*:*:*

cpe:2.3:a:maynard_johnson:oprofile:0.5.1:*:*:*:*:*:*:*

cpe:2.3:a:maynard_johnson:oprofile:0.5.2:*:*:*:*:*:*:*

cpe:2.3:a:maynard_johnson:oprofile:0.5.3:*:*:*:*:*:*:*

cpe:2.3:a:maynard_johnson:oprofile:0.5.4:*:*:*:*:*:*:*

cpe:2.3:a:maynard_johnson:oprofile:0.6:*:*:*:*:*:*:*

cpe:2.3:a:maynard_johnson:oprofile:0.6.1:*:*:*:*:*:*:*

cpe:2.3:a:maynard_johnson:oprofile:0.7:*:*:*:*:*:*:*

cpe:2.3:a:maynard_johnson:oprofile:0.7.1:*:*:*:*:*:*:*

cpe:2.3:a:maynard_johnson:oprofile:0.8:*:*:*:*:*:*:*

cpe:2.3:a:maynard_johnson:oprofile:0.8.1:*:*:*:*:*:*:*

cpe:2.3:a:maynard_johnson:oprofile:0.8.2:*:*:*:*:*:*:*

cpe:2.3:a:maynard_johnson:oprofile:0.9:*:*:*:*:*:*:*

cpe:2.3:a:maynard_johnson:oprofile:0.9.1:*:*:*:*:*:*:*

cpe:2.3:a:maynard_johnson:oprofile:0.9.2:*:*:*:*:*:*:*

cpe:2.3:a:maynard_johnson:oprofile:0.9.3:*:*:*:*:*:*:*

cpe:2.3:a:maynard_johnson:oprofile:0.9.4:*:*:*:*:*:*:*

cpe:2.3:a:maynard_johnson:oprofile:0.9.5:*:*:*:*:*:*:*

EPSS

Процентиль: 33%

0.00129

Низкий

7.2 High

CVSS2

Дефекты

CWE-94

Связанные уязвимости

CVE-2011-1760

ubuntu

больше 14 лет назад

utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to conduct eval injection attacks and gain privileges via shell metacharacters in the -e argument.

CVE-2011-1760

redhat

больше 14 лет назад

utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to conduct eval injection attacks and gain privileges via shell metacharacters in the -e argument.

CVE-2011-1760

debian

больше 14 лет назад

utils/opcontrol in OProfile 0.9.6 and earlier might allow local users ...

GHSA-ccgc-crp4-f2mf

github

больше 3 лет назад

utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to conduct eval injection attacks and gain privileges via shell metacharacters in the -e argument.

EPSS

Процентиль: 33%

0.00129

Низкий

7.2 High

CVSS2

Дефекты

CWE-94