Fedora 13 : systemtap-1.4-6.fc13 (2011-7289)

This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

Two divide-by-zero flaws were found in the way systemtap interpreted
certain corrupted DWARF expressions. A privileged user able to execute
arbitrary systemtap scripts could be tricked into triggering this flaw
to crash the target machine. An unprivileged user (in the stapusr
group) may be able to trigger this flaw to crash the target machine,
only if unprivileged mode was enabled by the system administrator.

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=702687
https://bugzilla.redhat.com/show_bug.cgi?id=703972
http://www.nessus.org/u?b38355e3

Solution :

Update the affected systemtap package.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: Fedora Local Security Checks

Nessus Plugin ID: 54835 ()

Bugtraq ID:

CVE ID: CVE-2010-4170
CVE-2011-1769
CVE-2011-1781