| Vulnerability Name: | CVE-2010-4170 (CCN-63344) | ||||||||||||||||||||||||
| Assigned: | 2010-11-17 | ||||||||||||||||||||||||
| Published: | 2010-11-17 | ||||||||||||||||||||||||
| Updated: | 2023-02-13 | ||||||||||||||||||||||||
| Summary: | The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment variable to specify a malicious configuration file. | ||||||||||||||||||||||||
| CVSS v3 Severity: | 5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||||||||||||||
| CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C) 5.9 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)
3.8 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)
5.9 Medium (REDHAT Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)
| ||||||||||||||||||||||||
| Vulnerability Type: | CWE-284 | ||||||||||||||||||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2010-4170 Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: CCN Type: RHSA-2010-0894 Important: systemtap security update Source: CCN Type: RHSA-2010-0895 Moderate: systemtap security update Source: CCN Type: SA42256 SystemTap Denial of Service and Privilege Escalation Vulnerabilities Source: CCN Type: SECTRACK ID: 1024754 SystemTap Lets Local Users Gain Elevated Privileges and Deny Service Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: CCN Type: Mailing list for the systemtap project important systemtap security fix Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: CCN Type: SystemTap Web page SystemTap Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: DEBIAN Type: DSA-2348 systemtap -- several vulnerabilities Source: secalert@redhat.com Type: Exploit secalert@redhat.com Source: CCN Type: OSVDB ID: 69489 SystemTap /usr/bin/staprun Kernel Module Loading Local Privilege Escalation Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: CCN Type: BID-44914 SystemTap 'modprob' Command Environment Variable Local Privilege Escalation Vulnerability Source: secalert@redhat.com Type: Exploit secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: XF Type: UNKNOWN systemtap-staprun-priv-escalation(63344) Source: CCN Type: Packet Storm Security [04-19-2019] SystemTap 1.3 MODPROBE_OPTIONS Privilege Escalation Source: EXPLOIT-DB Type: EXPLOIT Offensive Security Exploit Database [11-26-2010] Source: EXPLOIT-DB Type: EXPLOIT Offensive Security Exploit Database [04-19-2019] Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com | ||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration RedHat 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||
| |||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||