Package: oprofile Version: 0.9.6-1.2 Severity: serious Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) ids were published for oprofile.
CVE-2011-2473[0]: | The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and | earlier might allow local users to create or overwrite arbitrary files | via a crafted --session-dir argument in conjunction with a symlink | attack on the opd_pipe file, a different vulnerability than | CVE-2011-1760. CVE-2011-2472[1]: | Directory traversal vulnerability in utils/opcontrol in OProfile 0.9.6 | and earlier might allow local users to overwrite arbitrary files via a | .. (dot dot) in the --save argument, related to the --session-dir | argument, a different vulnerability than CVE-2011-1760. CVE-2011-2471[2]: | utils/opcontrol in OProfile 0.9.6 and earlier might allow local users | to gain privileges via shell metacharacters in the (1) --vmlinux, (2) | --session-dir, or (3) --xen argument, related to the daemonrc file and | the do_save_setup and do_load_setup functions, a different | vulnerability than CVE-2011-1760. If you fix the vulnerabilities please also make sure to include the CVE ids in your changelog entry. There are some patches on oss-security[3]. They are not applied in version 0.9.6-1.2, so I assume it to be vulnerable. Helmut For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2473 http://security-tracker.debian.org/tracker/CVE-2011-2473 [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2472 http://security-tracker.debian.org/tracker/CVE-2011-2472 [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2471 http://security-tracker.debian.org/tracker/CVE-2011-2471 [3] http://openwall.com/lists/oss-security/2011/05/10/7 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
