CVE-2011-2502
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2011-2502
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
SystemTap 'staprun'权限提升漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
SystemTap 1.6之前的版本中的systemtap运行时间工具(staprun)中的runtime/staprun/staprun_funcs.c中存在漏洞,该漏洞源于当模块路径指定为用户空间探测的用户未正确验证模块。本地攻击者利用该漏洞通过在-u参数的搜索路径中的特制模块在stapus组中获得特权。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2011-2502
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2011-2502
Please Login to view more intelligence information
- https://bugzilla.redhat.com/show_bug.cgi?id=716476x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2011-2502
Same Patch Batch · n/a · 2012-07-26 · 16 CVEs total
| CVE-2011-2657 | Novell ZENworks Configuration Management 目录遍历漏洞 | |
| CVE-2011-2658 | Novell ZENWorks Configuration Management ‘ActiveX’控件任意代码执行漏洞 | |
| CVE-2011-3174 | Novell ZENworks Configuration Management 缓冲区溢出漏洞 | |
| CVE-2012-3884 | AirDroid 安全漏洞 | |
| CVE-2012-3885 | AirDroid 加密问题漏洞 | |
| CVE-2012-3886 | AirDroid 加密问题漏洞 | |
| CVE-2012-3887 | AirDroid 敏感信息漏洞 | |
| CVE-2012-3888 | AirDroid 安全绕过漏洞 | |
| CVE-2011-2503 | SystemTap模块加载竞争条件漏洞 | |
| CVE-2011-4963 | F5 Nginx 权限许可和访问控制问题漏洞 | |
| CVE-2012-3698 | Apple Xcode 安全漏洞 | |
| CVE-2012-4043 | Palo Alto Networks Global 多款产品跨站脚本漏洞 | |
| CVE-2012-4068 | Citrix Provisioning Services 缓冲区溢出漏洞 | |
| CVE-2012-3005 | Invensys Wonderware 多个产品不安全库加载漏洞 | |
| CVE-2012-3015 | Siemens SIMATIC STEP/ PCS 不安全库加载漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out- - CVE-2026-8187
Open5GS UPF gtp-path.c _gtpv1_u_recv_cb resource consumption - CVE-2026-6667
PgBouncer missing authorization check in KILL_CLIENT admin c - CVE-2026-6666
PgBouncer crash in kill_pool_logins_server_error - CVE-2026-6665
PgBouncer buffer overflow in SCRAM
V. Comments for CVE-2011-2502
No comments yet