Vulnerability Description
Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors.
CVSS Score
6.3
MEDIUM
AV:L/AC:M/Au:N/C:N/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Systemtap | Systemtap | 0.0.20080705 |
| Debian | Debian Linux | 4.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/34441Third Party Advisory
- http://secunia.com/advisories/34479Third Party Advisory
- http://secunia.com/advisories/34548Third Party Advisory
- http://support.avaya.com/elmodocs2/security/ASA-2009-110.htmThird Party Advisory
- http://www.debian.org/security/2009/dsa-1755PatchThird Party Advisory
- http://www.redhat.com/support/errata/RHSA-2009-0373.htmlThird Party Advisory
- http://www.vupen.com/english/advisories/2009/0907Third Party Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory
- http://secunia.com/advisories/34441Third Party Advisory
- http://secunia.com/advisories/34479Third Party Advisory
- http://secunia.com/advisories/34548Third Party Advisory
- http://support.avaya.com/elmodocs2/security/ASA-2009-110.htmThird Party Advisory
- http://www.debian.org/security/2009/dsa-1755PatchThird Party Advisory
- http://www.redhat.com/support/errata/RHSA-2009-0373.htmlThird Party Advisory
- http://www.vupen.com/english/advisories/2009/0907Third Party Advisory
FAQ
What is CVE-2009-0784?
CVE-2009-0784 is a vulnerability with a CVSS score of 6.3 (MEDIUM). Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors.
How severe is CVE-2009-0784?
CVE-2009-0784 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-0784?
Check the references section above for vendor advisories and patch information. Affected products include: Systemtap Systemtap, Debian Debian Linux.