CVE-2011-2473
published 2011-06-09CVE-2011-2473: The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to create or overwrite arbitrary files via a crafted…
PriorityP420medium6.3CVSS 2.0
AVLACMAuNCNICAC
EPSS
0.40%
31.9th percentile
The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to create or overwrite arbitrary files via a crafted --session-dir argument in conjunction with a symlink attack on the opd_pipe file, a different vulnerability than CVE-2011-1760.
Affected
23 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| maynard_johnson | oprofile | <= 0.9.6 | — |
| maynard_johnson | oprofile | — | — |
| maynard_johnson | oprofile | — | — |
| maynard_johnson | oprofile | — | — |
| maynard_johnson | oprofile | — | — |
| maynard_johnson | oprofile | — | — |
| maynard_johnson | oprofile | — | — |
| maynard_johnson | oprofile | — | — |
| maynard_johnson | oprofile | — | — |
| maynard_johnson | oprofile | — | — |
| maynard_johnson | oprofile | — | — |
| maynard_johnson | oprofile | — | — |
| maynard_johnson | oprofile | — | — |
| maynard_johnson | oprofile | — | — |
| maynard_johnson | oprofile | — | — |
| maynard_johnson | oprofile | — | — |
| maynard_johnson | oprofile | — | — |
| maynard_johnson | oprofile | — | — |
| maynard_johnson | oprofile | — | — |
| maynard_johnson | oprofile | — | — |
| maynard_johnson | oprofile | — | — |
| maynard_johnson | oprofile | — | — |
| maynard_johnson | oprofile | — | — |
CVSS provenance
nvdv2.06.3MEDIUMAV:L/AC:M/Au:N/C:N/I:C/A:C
vendor_redhat7.2HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-m545-63mf-qh6w: The do_dump_data function in utils/opcontrol in OProfile 0
ghsa_unreviewed·2022-05-17·CVSS 7.2
CVE-2011-2473 [HIGH] CWE-59 GHSA-m545-63mf-qh6w: The do_dump_data function in utils/opcontrol in OProfile 0
The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to create or overwrite arbitrary files via a crafted --session-dir argument in conjunction with a symlink attack on the opd_pipe file, a different vulnerability than CVE-2011-1760.
Red Hat
oprofile: do_dump_data function symlink attack via opd_pipe
vendor_redhat·2011-04-26·CVSS 7.2
CVE-2011-2473 [HIGH] oprofile: do_dump_data function symlink attack via opd_pipe
oprofile: do_dump_data function symlink attack via opd_pipe
The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to create or overwrite arbitrary files via a crafted --session-dir argument in conjunction with a symlink attack on the opd_pipe file, a different vulnerability than CVE-2011-1760.
Statement: Red Hat currently does not plan to address this issue. For details refer to:
https://bugzilla.redhat.com/show_bug.cgi?id=700883#c18
Package: oprofile (Red Hat Enterprise Linux 4) - Not affected
Package: oprofile (Red Hat Enterprise Linux 5) - Affected
Package: oprofile (Red Hat Enterprise Linux 6) - Affected
No detection rules found.
No public exploits indexed.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624212http://openwall.com/lists/oss-security/2011/05/03/1http://openwall.com/lists/oss-security/2011/05/10/6http://openwall.com/lists/oss-security/2011/05/10/7http://openwall.com/lists/oss-security/2011/05/11/1http://www.debian.org/security/2011/dsa-2254https://exchange.xforce.ibmcloud.com/vulnerabilities/67978http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624212http://openwall.com/lists/oss-security/2011/05/03/1http://openwall.com/lists/oss-security/2011/05/10/6http://openwall.com/lists/oss-security/2011/05/10/7http://openwall.com/lists/oss-security/2011/05/11/1http://www.debian.org/security/2011/dsa-2254https://exchange.xforce.ibmcloud.com/vulnerabilities/67978
2011-06-09
Published