Vulnerability Name: CVE-2015-5287 (CCN-108426)
Assigned: 2015-11-23
Published: 2015-11-23
Updated: 2016-12-07
Summary: The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump.
CVSS v3 Severity:
- 8.4 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
- 7.8 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C)
CVSS v2 Severity: 6.9 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C)
Vulnerability Type: CWE-59
Vulnerability Consequences: Gain Privileges
References:
- Source: MITRE Type: CNA CVE-2015-5287
- Source: MISC Type: UNKNOWN http://packetstormsecurity.com/files/154592/ABRT-sosreport-Privilege-Escalation.html
- Source: REDHAT Type: Vendor Advisory RHSA-2015:2505
- Source: CCN Type: oss-sec Mailing List, Tue, 1 Dec 2015 10:11:28 +0900 CVE-2015-5273 + CVE-2015-5287, abrt local root in Centos/Fedora/RHEL
- Source: MLIST Type: Exploit [oss-security] 20151201 CVE-2015-5273 + CVE-2015-5287, abrt local root in Centos/Fedora/RHEL
- Source: CONFIRM Type: UNKNOWN http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- Source: BID Type: UNKNOWN 78137
- Source: CCN Type: BID-78137 abrt '/var/spool/abrt' Local Privilege Escalation Vulnerability
- Source: CCN Type: Red Hat Bugzilla Bug 1266837 (CVE-2015-5287) CVE-2015-5287 abrt: incorrect permissions on /var/spool/abrt
- Source: CONFIRM Type: Exploit https://bugzilla.redhat.com/show_bug.cgi?id=1266837
- Source: XF Type: UNKNOWN abrt-cve20155287-priv-esc(108426)
- Source: CCN Type: abrt Web page abrt
- Source: CONFIRM Type: UNKNOWN https://github.com/abrt/abrt/commit/3c1b60cfa62d39e5fff5a53a5bc53dae189e740e
- Source: CCN Type: Packet Storm Security [12-01-2015] RHEL 7.0 / 7.1 abrt / sosreport Local Root
- Source: CCN Type: Packet Storm Security [09-24-2019] ABRT sosreport Privilege Escalation
- Source: EXPLOIT-DB Type: EXPLOIT Offensive Security Exploit Database [12-01-2015]
- Source: EXPLOIT-DB Type: UNKNOWN 38832
- Source: EXPLOIT-DB Type: EXPLOIT Offensive Security Exploit Database [09-25-2019]
Vulnerable Configuration: Configuration 1: Configuration 2: Configuration RedHat 1: Configuration RedHat 2: Configuration RedHat 3: Configuration RedHat 4: Configuration RedHat 5: Denotes that component is vulnerable