CVE-2010-4170

Related Files

SystemTap 1.3 MODPROBE_OPTIONS Privilege Escalation

Posted Apr 19, 2019

Authored by Tavis Ormandy, Brendan Coles | Site metasploit.com

This Metasploit module attempts to gain root privileges by exploiting a vulnerability in the staprun executable included with SystemTap version 1.3. The staprun executable does not clear environment variables prior to executing modprobe, allowing an arbitrary configuration file to be specified in the MODPROBE_OPTIONS environment variable, resulting in arbitrary command execution with root privileges. This module has been tested successfully on: systemtap 1.2-1.fc13-i686 on Fedora 13 (i686); and systemtap 1.1-3.el5 on RHEL 5.5 (x64).

tags | exploit, arbitrary, root

systems | linux, fedora

advisories | CVE-2010-4170

SHA-256 | 57d955347310170d1a380dba46ef41462b10f297e733fec17201a3831094af3b

Download | Favorite | View

Debian Security Advisory 2348-1

Posted Nov 21, 2011

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2348-1 - Several vulnerabilities were discovered in SystemTap, an instrumentation system for Linux.

tags | advisory, vulnerability

systems | linux, debian

advisories | CVE-2010-4170, CVE-2010-4171, CVE-2011-2503

SHA-256 | 11d65241a42e9924fa1a4281af619cedbc575a94bda21b4bad0f19ecaf7eddc5

Download | Favorite | View

Linux Systemtap Privilege Escalation

Posted Nov 26, 2010

Authored by Tavis Ormandy

This code demonstrates a local privilege escalation vulnerability in systemtap.

tags | exploit, local

advisories | CVE-2010-4170

SHA-256 | fd7691a08020e68fc8cc7b5dd46bd1790de570b5d43ecd78597ce5d6e5cb8cad

Download | Favorite | View