PublicDate: 2006-02-08 00:06:00 UTC
Candidate: CVE-2006-0576
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0576
Description:
 Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and
 earlier allows local users to execute arbitrary commands via a modified
 PATH that references malicious (1) which or (2) dirname programs.  NOTE:
 while opcontrol normally is not run setuid, a common configuration suggests
 accessing opcontrol using sudo.  In such a context, this is a
 vulnerability.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_oprofile: released (0.9.1-8ubuntu0.1)
edgy_oprofile: released (0.9.2-1)
feisty_oprofile: released (0.9.2-1)
devel_oprofile: released (0.9.2-1)
upstream_oprofile: needs-triage