exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Debian Security Advisory 2254-2 https://packetstormsecurity.com/files/103106/dsa-2254-2.txt https://packetstormsecurity.com/files/103106/dsa-2254-2.txt https://packetstormsecurity.com/files/103106/Debian-Security-Advisory-2254-2.html Sat, 16 Jul 2011 15:31:09 GMT Debian Linux Security Advisory 2254-2 - Jamie Strandboge noticed that the patch proposed to fix CVE-2011-1760 in OProfile has been incomplete. OProfile is a performance profiling tool which is configurable by opcontrol, its control utility. Stephane Chauveau reported several ways to inject arbitrary commands in the arguments of this utility. If a local unprivileged user is authorized by sudoers file to run opcontrol as root, this user could use the flaw to escalate his privileges.

Related Files

No related files
packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close