Scientific Linux Security Update : systemtap on SL5.x i386/x86_64

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

It was discovered that staprun did not properly sanitize the
environment before executing the modprobe command to load an
additional kernel module. A local, unprivileged user could use this
flaw to escalate their privileges. (CVE-2010-4170)

It was discovered that staprun did not check if the module to be
unloaded was previously loaded by SystemTap. A local, unprivileged
user could use this flaw to unload an arbitrary kernel module that was
not in use. (CVE-2010-4171)

Note: After installing this update, users already in the stapdev group
must be added to the stapusr group in order to be able to run the
staprun tool.

See also :

http://www.nessus.org/u?21fdf41e

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 60904 ()

Bugtraq ID:

CVE ID: CVE-2010-4170
CVE-2010-4171