QwikSec

Security Database

CVE

CWE

Training

CVE-2011-2472

Published: Jun 9, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

Directory traversal vulnerability in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to overwrite arbitrary files via a .. (dot dot) in the --save argument, related to the --session-dir argument, a different vulnerability than CVE-2011-1760.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20110503 Re: Re: CVE Request -- oprofile -- Local privilege escalation via crafted opcontrol event parameter when authorized by sudo

mailing-list

x_refsource_MLIST

[oss-security] 20110510 Re: Re: CVE Request -- oprofile -- Local privilege escalation via crafted opcontrol event parameter when authorized by sudo

mailing-list

x_refsource_MLIST

https://bugzilla.redhat.com/show_bug.cgi?id=700883

x_refsource_CONFIRM

[oss-security] 20110511 Re: Re: CVE Request -- oprofile -- Local privilege escalation via crafted opcontrol event parameter when authorized by sudo

mailing-list

x_refsource_MLIST

third-party-advisory

x_refsource_SECUNIA

[oss-security] 20110510 Re: Re: CVE Request -- oprofile -- Local privilege escalation via crafted opcontrol event parameter when authorized by sudo

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_UBUNTU

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624212

x_refsource_CONFIRM

vendor-advisory

x_refsource_DEBIAN

oprofile-opcontrol-dir-traversal(67979)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.