Common Vulnerabilities and Exposures assigned an identifier CVE-2011-2472 to the following vulnerability: Name: CVE-2011-2472 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2472 Assigned: 20110609 Reference: URL:http://openwall.com/lists/oss-security/2011/05/03/1 Reference: URL:http://openwall.com/lists/oss-security/2011/05/10/6 Reference: URL:http://openwall.com/lists/oss-security/2011/05/10/7 Reference: URL:http://openwall.com/lists/oss-security/2011/05/11/1 Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624212 Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=700883 Reference: DEBIAN:DSA-2254 Reference: URL:http://www.debian.org/security/2011/dsa-2254 Directory traversal vulnerability in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to overwrite arbitrary files via a .. (dot dot) in the --save argument, related to the --session-dir argument, a different vulnerability than CVE-2011-1760.
Statement: Red Hat currently does not plan to address this issue. For details refer to: https://bugzilla.redhat.com/show_bug.cgi?id=700883#c18