source: http://www.securityfocus.com/bid/37842/info SystemTap is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data. Remote attackers can exploit this issue to execute arbitrary shell commands with the privileges of the user running the application. Versions prior to SystemTap 1.1 are vulnerable. The following example commands are available: stap-client \; ... stap-client -; ... stap-client -D 'asdf ; ls /etc' ... stap-client -e 'script' -D 'asdf ; \; '
Related ExploitsTrying to match CVEs (1): CVE-2009-4273
Trying to match OSVDBs (1): 61806
Other Possible E-DB Search Terms: SystemTap 1.0, SystemTap
|2010-11-26||SystemTap - Local Privilege Escalation||Tavis Ormandy|
|2010-02-05||SystemTap 1.0/1.1 - '__get_argv()' / '__get_compat_argv()' Local Memory Corruption||Josh Stone|