← Back

Maynard Johnson

maynard_johnson

5 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Oprofile
oprofile
5 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2011-2473
1Maynard Johnson
1Oprofile
Apr 29, 2026
Jun 9, 2011
N/A· v4
N/A· v3
6.3 MEDIUM· v2
The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to create or overwrite arbitrary files via a crafted --session-dir argument in conjunction with a symlink attack on the o...Show more
The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to create or overwrite arbitrary files via a crafted --session-dir argument in conjunction with a symlink attack on the opd_pipe file, a different vulnerability than CVE-2011-1760.Show less
CVE-2011-2472
1Maynard Johnson
1Oprofile
Apr 29, 2026
Jun 9, 2011
N/A· v4
N/A· v3
6.3 MEDIUM· v2
Directory traversal vulnerability in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to overwrite arbitrary files via a .. (dot dot) in the --save argument, related to the --session-dir argument, a...Show more
Directory traversal vulnerability in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to overwrite arbitrary files via a .. (dot dot) in the --save argument, related to the --session-dir argument, a different vulnerability than CVE-2011-1760.Show less
CVE-2011-2471
1Maynard Johnson
1Oprofile
Apr 29, 2026
Jun 9, 2011
N/A· v4
N/A· v3
7.2 HIGH· v2
utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to gain privileges via shell metacharacters in the (1) --vmlinux, (2) --session-dir, or (3) --xen argument, related to the daemonrc file and the do_sa...Show more
utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to gain privileges via shell metacharacters in the (1) --vmlinux, (2) --session-dir, or (3) --xen argument, related to the daemonrc file and the do_save_setup and do_load_setup functions, a different vulnerability than CVE-2011-1760.Show less
CVE-2011-1760
1Maynard Johnson
1Oprofile
Apr 29, 2026
Jun 9, 2011
N/A· v4
N/A· v3
7.2 HIGH· v2
utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to conduct eval injection attacks and gain privileges via shell metacharacters in the -e argument.
CVE-2006-0576
1Maynard Johnson
1Oprofile
Apr 16, 2026
Feb 8, 2006
N/A· v4
N/A· v3
7.2 HIGH· v2
Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and earlier allows local users to execute arbitrary commands via a modified PATH that references malicious (1) which or (2) dirname programs. NOTE: whil...Show more
Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and earlier allows local users to execute arbitrary commands via a modified PATH that references malicious (1) which or (2) dirname programs. NOTE: while opcontrol normally is not run setuid, a common configuration suggests accessing opcontrol using sudo. In such a context, this is a vulnerability.Show less