Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) NewProblem, (2) GetInfo, (3) SetElement, or (4) DeleteElement method.
{"openvas": [{"lastseen": "2020-01-24T18:28:30", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-07-07T00:00:00", "type": "openvas", "title": "Fedora Update for satyr FEDORA-2015-9886", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3151", "CVE-2015-3142", "CVE-2015-1870", "CVE-2015-3150", "CVE-2015-1869", "CVE-2015-3315", "CVE-2015-3159"], "modified": "2020-01-24T00:00:00", "id": "OPENVAS:1361412562310869530", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869530", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for satyr FEDORA-2015-9886\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869530\");\n script_version(\"2020-01-24T07:57:30+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-24 07:57:30 +0000 (Fri, 24 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-07-07 06:22:32 +0200 (Tue, 07 Jul 2015)\");\n script_cve_id(\"CVE-2015-3315\", \"CVE-2015-3142\", \"CVE-2015-1869\", \"CVE-2015-1870\",\n \"CVE-2015-3151\", \"CVE-2015-3150\", \"CVE-2015-3159\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for satyr FEDORA-2015-9886\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'satyr'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"satyr on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-9886\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160571.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"satyr\", rpm:\"satyr~0.18~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-24T18:28:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-07-01T00:00:00", "type": "openvas", "title": "Fedora Update for libreport FEDORA-2015-10193", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3151", "CVE-2015-3142", "CVE-2015-1870", "CVE-2015-3150", "CVE-2015-1869", "CVE-2015-3315", "CVE-2015-3159"], "modified": "2020-01-24T00:00:00", "id": "OPENVAS:1361412562310869475", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869475", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libreport FEDORA-2015-10193\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869475\");\n script_version(\"2020-01-24T07:57:30+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-24 07:57:30 +0000 (Fri, 24 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-07-01 06:26:25 +0200 (Wed, 01 Jul 2015)\");\n script_cve_id(\"CVE-2015-3315\", \"CVE-2015-3142\", \"CVE-2015-1869\", \"CVE-2015-1870\",\n \"CVE-2015-3151\", \"CVE-2015-3150\", \"CVE-2015-3159\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libreport FEDORA-2015-10193\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libreport'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libreport on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-10193\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/161246.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"libreport\", rpm:\"libreport~2.3.0~8.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-24T18:27:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-07-07T00:00:00", "type": "openvas", "title": "Fedora Update for gnome-abrt FEDORA-2015-9886", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3151", "CVE-2015-3142", "CVE-2015-1870", "CVE-2015-3150", "CVE-2015-1869", "CVE-2015-3315", "CVE-2015-3159"], "modified": "2020-01-24T00:00:00", "id": "OPENVAS:1361412562310869534", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869534", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnome-abrt FEDORA-2015-9886\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869534\");\n script_version(\"2020-01-24T07:57:30+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-24 07:57:30 +0000 (Fri, 24 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-07-07 06:22:59 +0200 (Tue, 07 Jul 2015)\");\n script_cve_id(\"CVE-2015-3315\", \"CVE-2015-3142\", \"CVE-2015-1869\", \"CVE-2015-1870\",\n \"CVE-2015-3151\", \"CVE-2015-3150\", \"CVE-2015-3159\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for gnome-abrt FEDORA-2015-9886\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gnome-abrt'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"gnome-abrt on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-9886\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160568.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnome-abrt\", rpm:\"gnome-abrt~1.2.0~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-24T18:28:42", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-07-01T00:00:00", "type": "openvas", "title": "Fedora Update for gnome-abrt FEDORA-2015-10193", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3151", "CVE-2015-3142", "CVE-2015-1870", "CVE-2015-3150", "CVE-2015-1869", "CVE-2015-3315", "CVE-2015-3159"], "modified": "2020-01-24T00:00:00", "id": "OPENVAS:1361412562310869477", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869477", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnome-abrt FEDORA-2015-10193\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869477\");\n script_version(\"2020-01-24T07:57:30+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-24 07:57:30 +0000 (Fri, 24 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-07-01 06:27:35 +0200 (Wed, 01 Jul 2015)\");\n script_cve_id(\"CVE-2015-3315\", \"CVE-2015-3142\", \"CVE-2015-1869\", \"CVE-2015-1870\",\n \"CVE-2015-3151\", \"CVE-2015-3150\", \"CVE-2015-3159\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for gnome-abrt FEDORA-2015-10193\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gnome-abrt'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"gnome-abrt on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-10193\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/161245.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnome-abrt\", rpm:\"gnome-abrt~1.0.0~3.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-24T18:28:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-07-07T00:00:00", "type": "openvas", "title": "Fedora Update for libreport FEDORA-2015-9886", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3151", "CVE-2015-3142", "CVE-2015-1870", "CVE-2015-3150", "CVE-2015-1869", "CVE-2015-3315", "CVE-2015-3159"], "modified": "2020-01-24T00:00:00", "id": "OPENVAS:1361412562310869658", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869658", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libreport FEDORA-2015-9886\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869658\");\n script_version(\"2020-01-24T07:57:30+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-24 07:57:30 +0000 (Fri, 24 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-07-07 06:32:44 +0200 (Tue, 07 Jul 2015)\");\n script_cve_id(\"CVE-2015-3315\", \"CVE-2015-3142\", \"CVE-2015-1869\", \"CVE-2015-1870\",\n \"CVE-2015-3151\", \"CVE-2015-3150\", \"CVE-2015-3159\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libreport FEDORA-2015-9886\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libreport'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libreport on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-9886\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160569.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"libreport\", rpm:\"libreport~2.6.0~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-24T18:28:28", "description": "Oracle Linux Local Security Checks ELSA-2015-1083", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-1083", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3151", "CVE-2015-3142", "CVE-2015-1870", "CVE-2015-3150", "CVE-2015-3147", "CVE-2015-1869", "CVE-2015-3315", "CVE-2015-3159"], "modified": "2020-01-24T00:00:00", "id": "OPENVAS:1361412562310123105", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123105", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123105\");\n script_version(\"2020-01-24T07:57:30+0000\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 13:59:26 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-01-24 07:57:30 +0000 (Fri, 24 Jan 2020)\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-1083\");\n script_tag(name:\"insight\", value:\"ELSA-2015-1083 - abrt security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-1083\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-1083.html\");\n script_cve_id(\"CVE-2015-1869\", \"CVE-2015-1870\", \"CVE-2015-3142\", \"CVE-2015-3147\", \"CVE-2015-3150\", \"CVE-2015-3151\", \"CVE-2015-3159\", \"CVE-2015-3315\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"abrt\", rpm:\"abrt~2.1.11~22.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"abrt-addon-ccpp\", rpm:\"abrt-addon-ccpp~2.1.11~22.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"abrt-addon-kerneloops\", rpm:\"abrt-addon-kerneloops~2.1.11~22.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"abrt-addon-pstoreoops\", rpm:\"abrt-addon-pstoreoops~2.1.11~22.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"abrt-addon-python\", rpm:\"abrt-addon-python~2.1.11~22.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"abrt-addon-upload-watch\", rpm:\"abrt-addon-upload-watch~2.1.11~22.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"abrt-addon-vmcore\", rpm:\"abrt-addon-vmcore~2.1.11~22.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"abrt-addon-xorg\", rpm:\"abrt-addon-xorg~2.1.11~22.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"abrt-cli\", rpm:\"abrt-cli~2.1.11~22.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"abrt-console-notification\", rpm:\"abrt-console-notification~2.1.11~22.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"abrt-dbus\", rpm:\"abrt-dbus~2.1.11~22.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"abrt-desktop\", rpm:\"abrt-desktop~2.1.11~22.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"abrt-devel\", rpm:\"abrt-devel~2.1.11~22.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"abrt-gui\", rpm:\"abrt-gui~2.1.11~22.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"abrt-gui-devel\", rpm:\"abrt-gui-devel~2.1.11~22.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"abrt-gui-libs\", rpm:\"abrt-gui-libs~2.1.11~22.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"abrt-libs\", rpm:\"abrt-libs~2.1.11~22.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"abrt-python\", rpm:\"abrt-python~2.1.11~22.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"abrt-python-doc\", rpm:\"abrt-python-doc~2.1.11~22.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"abrt-retrace-client\", rpm:\"abrt-retrace-client~2.1.11~22.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"abrt-tui\", rpm:\"abrt-tui~2.1.11~22.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libreport\", rpm:\"libreport~2.1.11~23.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libreport-anaconda\", rpm:\"libreport-anaconda~2.1.11~23.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libreport-cli\", rpm:\"libreport-cli~2.1.11~23.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libreport-compat\", rpm:\"libreport-compat~2.1.11~23.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libreport-devel\", rpm:\"libreport-devel~2.1.11~23.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libreport-filesystem\", rpm:\"libreport-filesystem~2.1.11~23.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libreport-gtk\", rpm:\"libreport-gtk~2.1.11~23.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libreport-gtk-devel\", rpm:\"libreport-gtk-devel~2.1.11~23.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libreport-newt\", rpm:\"libreport-newt~2.1.11~23.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libreport-plugin-bugzilla\", rpm:\"libreport-plugin-bugzilla~2.1.11~23.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libreport-plugin-kerneloops\", rpm:\"libreport-plugin-kerneloops~2.1.11~23.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libreport-plugin-logger\", rpm:\"libreport-plugin-logger~2.1.11~23.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libreport-plugin-mailx\", rpm:\"libreport-plugin-mailx~2.1.11~23.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libreport-plugin-reportuploader\", rpm:\"libreport-plugin-reportuploader~2.1.11~23.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libreport-plugin-ureport\", rpm:\"libreport-plugin-ureport~2.1.11~23.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libreport-python\", rpm:\"libreport-python~2.1.11~23.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libreport-rhel-anaconda-bugzilla\", rpm:\"libreport-rhel-anaconda-bugzilla~2.1.11~23.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libreport-rhel-bugzilla\", rpm:\"libreport-rhel-bugzilla~2.1.11~23.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libreport-web\", rpm:\"libreport-web~2.1.11~23.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libreport-web-devel\", rpm:\"libreport-web-devel~2.1.11~23.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-24T18:27:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-07-01T00:00:00", "type": "openvas", "title": "Fedora Update for abrt FEDORA-2015-10193", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3151", "CVE-2015-3142", "CVE-2015-1870", "CVE-2015-3150", "CVE-2015-3147", "CVE-2015-1869", "CVE-2015-3315", "CVE-2015-3159"], "modified": "2020-01-24T00:00:00", "id": "OPENVAS:1361412562310869478", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869478", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for abrt FEDORA-2015-10193\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869478\");\n script_version(\"2020-01-24T07:57:30+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-24 07:57:30 +0000 (Fri, 24 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-07-01 06:27:48 +0200 (Wed, 01 Jul 2015)\");\n script_cve_id(\"CVE-2015-3315\", \"CVE-2015-3142\", \"CVE-2015-1869\", \"CVE-2015-1870\",\n \"CVE-2015-3151\", \"CVE-2015-3150\", \"CVE-2015-3159\", \"CVE-2015-3147\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for abrt FEDORA-2015-10193\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'abrt'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"abrt on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-10193\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/161247.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"abrt\", rpm:\"abrt~2.3.0~7.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-24T18:27:40", "description": "Check the version of abrt", "cvss3": {}, "published": "2015-06-16T00:00:00", "type": "openvas", "title": "CentOS Update for abrt CESA-2015:1083 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3151", "CVE-2015-3142", "CVE-2015-1870", "CVE-2015-3150", "CVE-2015-3147", "CVE-2015-1869", "CVE-2015-3315", "CVE-2015-3159"], "modified": "2020-01-24T00:00:00", "id": "OPENVAS:1361412562310882200", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882200", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for abrt CESA-2015:1083 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882200\");\n script_version(\"2020-01-24T07:57:30+0000\");\n script_cve_id(\"CVE-2015-1869\", \"CVE-2015-1870\", \"CVE-2015-3142\", \"CVE-2015-3147\",\n \"CVE-2015-3150\", \"CVE-2015-3151\", \"CVE-2015-3159\", \"CVE-2015-3315\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-24 07:57:30 +0000 (Fri, 24 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-06-16 06:14:05 +0200 (Tue, 16 Jun 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for abrt CESA-2015:1083 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of abrt\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"ABRT (Automatic Bug Reporting Tool) is a tool\n to help users to detect\ndefects in applications and to create a bug report with all the information\nneeded by a maintainer to fix it. It uses a plug-in system to extend its\nfunctionality.\n\nIt was found that ABRT was vulnerable to multiple race condition and\nsymbolic link flaws. A local attacker could use these flaws to potentially\nescalate their privileges on the system. (CVE-2015-3315)\n\nIt was discovered that the kernel-invoked coredump processor provided by\nABRT wrote core dumps to files owned by other system users. This could\nresult in information disclosure if an application crashed while its\ncurrent directory was a directory writable to by other users (such as\n/tmp). (CVE-2015-3142)\n\nIt was discovered that the default event handling scripts installed by ABRT\ndid not handle symbolic links correctly. A local attacker with write access\nto an ABRT problem directory could use this flaw to escalate their\nprivileges. (CVE-2015-1869)\n\nIt was found that the ABRT event scripts created a user-readable copy of an\nsosreport file in ABRT problem directories, and included excerpts of\n/var/log/messages selected by the user-controlled process name, leading to\nan information disclosure. (CVE-2015-1870)\n\nIt was discovered that, when moving problem reports between certain\ndirectories, abrt-handle-upload did not verify that the new problem\ndirectory had appropriate permissions and did not contain symbolic links.\nAn attacker able to create a crafted problem report could use this flaw to\nexpose other parts of ABRT to attack, or to overwrite arbitrary files on\nthe system. (CVE-2015-3147)\n\nMultiple directory traversal flaws were found in the abrt-dbus D-Bus\nservice. A local attacker could use these flaws to read and write arbitrary\nfiles as the root user. (CVE-2015-3151)\n\nIt was discovered that the abrt-dbus D-Bus service did not properly check\nthe validity of the problem directory argument in the ChownProblemDir,\nDeleteElement, and DeleteProblem methods. A local attacker could use this\nflaw to take ownership of arbitrary files and directories, or to delete\nfiles and directories as the root user. (CVE-2015-3150)\n\nIt was discovered that the abrt-action-install-debuginfo-to-abrt-cache\nhelper program did not properly filter the process environment before\ninvoking abrt-action-install-debuginfo. A local attacker could use this\nflaw to escalate their privileges on the system. (CVE-2015-3159)\n\nAll users of abrt are advised to upgrade to these updated packages, which\ncorrect these issues.\");\n script_tag(name:\"affected\", value:\"abrt on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1083\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-June/021170.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"abrt\", rpm:\"abrt~2.1.11~22.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-addon-ccpp\", rpm:\"abrt-addon-ccpp~2.1.11~22.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-addon-kerneloops\", rpm:\"abrt-addon-kerneloops~2.1.11~22.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-addon-pstoreoops\", rpm:\"abrt-addon-pstoreoops~2.1.11~22.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-addon-python\", rpm:\"abrt-addon-python~2.1.11~22.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-addon-upload-watch\", rpm:\"abrt-addon-upload-watch~2.1.11~22.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-addon-vmcore\", rpm:\"abrt-addon-vmcore~2.1.11~22.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-addon-xorg\", rpm:\"abrt-addon-xorg~2.1.11~22.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-cli\", rpm:\"abrt-cli~2.1.11~22.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-console-notification\", rpm:\"abrt-console-notification~2.1.11~22.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-dbus\", rpm:\"abrt-dbus~2.1.11~22.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-desktop\", rpm:\"abrt-desktop~2.1.11~22.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-devel\", rpm:\"abrt-devel~2.1.11~22.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-gui\", rpm:\"abrt-gui~2.1.11~22.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-gui-devel\", rpm:\"abrt-gui-devel~2.1.11~22.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-gui-libs\", rpm:\"abrt-gui-libs~2.1.11~22.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-libs\", rpm:\"abrt-libs~2.1.11~22.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-python\", rpm:\"abrt-python~2.1.11~22.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-python-doc\", rpm:\"abrt-python-doc~2.1.11~22.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-retrace-client\", rpm:\"abrt-retrace-client~2.1.11~22.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-tui\", rpm:\"abrt-tui~2.1.11~22.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport\", rpm:\"libreport~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-anaconda\", rpm:\"libreport-anaconda~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-centos\", rpm:\"libreport-centos~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-cli\", rpm:\"libreport-cli~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-compat\", rpm:\"libreport-compat~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-devel\", rpm:\"libreport-devel~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-filesystem\", rpm:\"libreport-filesystem~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-gtk\", rpm:\"libreport-gtk~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-gtk-devel\", rpm:\"libreport-gtk-devel~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-newt\", rpm:\"libreport-newt~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-plugin-bugzilla\", rpm:\"libreport-plugin-bugzilla~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-plugin-kerneloops\", rpm:\"libreport-plugin-kerneloops~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-plugin-logger\", rpm:\"libreport-plugin-logger~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-plugin-mailx\", rpm:\"libreport-plugin-mailx~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-plugin-mantisbt\", rpm:\"libreport-plugin-mantisbt~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-plugin-reportuploader\", rpm:\"libreport-plugin-reportuploader~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-plugin-rhtsupport\", rpm:\"libreport-plugin-rhtsupport~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-plugin-ureport\", rpm:\"libreport-plugin-ureport~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-python\", rpm:\"libreport-python~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-rhel\", rpm:\"libreport-rhel~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-rhel-anaconda-bugzilla\", rpm:\"libreport-rhel-anaconda-bugzilla~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-rhel-bugzilla\", rpm:\"libreport-rhel-bugzilla~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-web\", rpm:\"libreport-web~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-web-devel\", rpm:\"libreport-web-devel~2.1.11~23.el7.centos.0.1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-24T18:28:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-07-07T00:00:00", "type": "openvas", "title": "Fedora Update for abrt FEDORA-2015-9886", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3151", "CVE-2015-3142", "CVE-2015-1870", "CVE-2015-3150", "CVE-2015-3147", "CVE-2015-1869", "CVE-2015-3315", "CVE-2015-3159"], "modified": "2020-01-24T00:00:00", "id": "OPENVAS:1361412562310869632", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869632", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for abrt FEDORA-2015-9886\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869632\");\n script_version(\"2020-01-24T07:57:30+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-24 07:57:30 +0000 (Fri, 24 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-07-07 06:30:09 +0200 (Tue, 07 Jul 2015)\");\n script_cve_id(\"CVE-2015-3315\", \"CVE-2015-3142\", \"CVE-2015-1869\", \"CVE-2015-1870\",\n \"CVE-2015-3151\", \"CVE-2015-3150\", \"CVE-2015-3159\", \"CVE-2015-3147\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for abrt FEDORA-2015-9886\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'abrt'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"abrt on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-9886\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160570.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"abrt\", rpm:\"abrt~2.6.0~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-24T18:28:26", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-06-10T00:00:00", "type": "openvas", "title": "RedHat Update for abrt RHSA-2015:1083-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3151", "CVE-2015-3142", "CVE-2015-1870", "CVE-2015-3150", "CVE-2015-3147", "CVE-2015-1869", "CVE-2015-3315", "CVE-2015-3159"], "modified": "2020-01-24T00:00:00", "id": "OPENVAS:1361412562310871373", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871373", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for abrt RHSA-2015:1083-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871373\");\n script_version(\"2020-01-24T07:57:30+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-24 07:57:30 +0000 (Fri, 24 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-06-10 06:34:39 +0200 (Wed, 10 Jun 2015)\");\n script_cve_id(\"CVE-2015-1869\", \"CVE-2015-1870\", \"CVE-2015-3142\", \"CVE-2015-3147\",\n \"CVE-2015-3150\", \"CVE-2015-3151\", \"CVE-2015-3159\", \"CVE-2015-3315\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for abrt RHSA-2015:1083-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'abrt'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"ABRT (Automatic Bug Reporting Tool) is a tool to help users to detect\ndefects in applications and to create a bug report with all the information\nneeded by a maintainer to fix it. It uses a plug-in system to extend its\nfunctionality.\n\nIt was found that ABRT was vulnerable to multiple race condition and\nsymbolic link flaws. A local attacker could use these flaws to potentially\nescalate their privileges on the system. (CVE-2015-3315)\n\nIt was discovered that the kernel-invoked coredump processor provided by\nABRT wrote core dumps to files owned by other system users. This could\nresult in information disclosure if an application crashed while its\ncurrent directory was a directory writable to by other users (such as\n/tmp). (CVE-2015-3142)\n\nIt was discovered that the default event handling scripts installed by ABRT\ndid not handle symbolic links correctly. A local attacker with write access\nto an ABRT problem directory could use this flaw to escalate their\nprivileges. (CVE-2015-1869)\n\nIt was found that the ABRT event scripts created a user-readable copy of an\nsosreport file in ABRT problem directories, and included excerpts of\n/var/log/messages selected by the user-controlled process name, leading to\nan information disclosure. (CVE-2015-1870)\n\nIt was discovered that, when moving problem reports between certain\ndirectories, abrt-handle-upload did not verify that the new problem\ndirectory had appropriate permissions and did not contain symbolic links.\nAn attacker able to create a crafted problem report could use this flaw to\nexpose other parts of ABRT to attack, or to overwrite arbitrary files on\nthe system. (CVE-2015-3147)\n\nMultiple directory traversal flaws were found in the abrt-dbus D-Bus\nservice. A local attacker could use these flaws to read and write arbitrary\nfiles as the root user. (CVE-2015-3151)\n\nIt was discovered that the abrt-dbus D-Bus service did not properly check\nthe validity of the problem directory argument in the ChownProblemDir,\nDeleteElement, and DeleteProblem methods. A local attacker could use this\nflaw to take ownership of arbitrary files and directories, or to delete\nfiles and directories as the root user. (CVE-2015-3150)\n\nIt was discovered that the abrt-action-install-debuginfo-to-abrt-cache\nhelper program did not properly filter the process environment before\ninvoking abrt-action-install-debuginfo. A local attacker could use this\nflaw to escalate their privileges on the system. (CVE-2015-3159)\n\nAll users of abrt are advised to upgrade to these updated packages, which\ncorrect these issues.\");\n script_tag(name:\"affected\", value:\"abrt on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1083-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-June/msg00011.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"abrt\", rpm:\"abrt~2.1.11~22.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-addon-ccpp\", rpm:\"abrt-addon-ccpp~2.1.11~22.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-addon-kerneloops\", rpm:\"abrt-addon-kerneloops~2.1.11~22.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-addon-pstoreoops\", rpm:\"abrt-addon-pstoreoops~2.1.11~22.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-addon-python\", rpm:\"abrt-addon-python~2.1.11~22.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-addon-vmcore\", rpm:\"abrt-addon-vmcore~2.1.11~22.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-addon-xorg\", rpm:\"abrt-addon-xorg~2.1.11~22.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-cli\", rpm:\"abrt-cli~2.1.11~22.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-console-notification\", rpm:\"abrt-console-notification~2.1.11~22.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-dbus\", rpm:\"abrt-dbus~2.1.11~22.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-debuginfo\", rpm:\"abrt-debuginfo~2.1.11~22.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-desktop\", rpm:\"abrt-desktop~2.1.11~22.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-gui\", rpm:\"abrt-gui~2.1.11~22.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-gui-libs\", rpm:\"abrt-gui-libs~2.1.11~22.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-libs\", rpm:\"abrt-libs~2.1.11~22.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-python\", rpm:\"abrt-python~2.1.11~22.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"abrt-tui\", rpm:\"abrt-tui~2.1.11~22.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport\", rpm:\"libreport~2.1.11~23.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-anaconda\", rpm:\"libreport-anaconda~2.1.11~23.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-cli\", rpm:\"libreport-cli~2.1.11~23.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-debuginfo\", rpm:\"libreport-debuginfo~2.1.11~23.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-filesystem\", rpm:\"libreport-filesystem~2.1.11~23.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-gtk\", rpm:\"libreport-gtk~2.1.11~23.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-plugin-bugzilla\", rpm:\"libreport-plugin-bugzilla~2.1.11~23.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-plugin-mailx\", rpm:\"libreport-plugin-mailx~2.1.11~23.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-plugin-reportuploader\", rpm:\"libreport-plugin-reportuploader~2.1.11~23.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-plugin-rhtsupport\", rpm:\"libreport-plugin-rhtsupport~2.1.11~23.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-plugin-ureport\", rpm:\"libreport-plugin-ureport~2.1.11~23.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-python\", rpm:\"libreport-python~2.1.11~23.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-rhel\", rpm:\"libreport-rhel~2.1.11~23.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-rhel-anaconda-bugzilla\", rpm:\"libreport-rhel-anaconda-bugzilla~2.1.11~23.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreport-web\", rpm:\"libreport-web~2.1.11~23.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "description": "A GNOME application allows users to browse through detected problems and provides them with convenient way for managing these problems. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2015-06-21T00:33:50", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: gnome-abrt-1.2.0-1.fc22", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1869", "CVE-2015-1870", "CVE-2015-3142", "CVE-2015-3150", "CVE-2015-3151", "CVE-2015-3159", "CVE-2015-3315"], "modified": "2015-06-21T00:33:50", "id": "FEDORA:E37216205E95", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4WSJZIVP6GWGBZYCJAQVGXO33T44A6MS/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "description": "A GNOME application allows users to browse through detected problems and provides them with convenient way for managing these problems. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2015-06-30T20:20:27", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: gnome-abrt-1.0.0-3.fc21", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1869", "CVE-2015-1870", "CVE-2015-3142", "CVE-2015-3150", "CVE-2015-3151", "CVE-2015-3159", "CVE-2015-3315"], "modified": "2015-06-30T20:20:27", "id": "FEDORA:E13A7604B3B3", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/EIFNDXUCWW46V3S7GLIEO3F4R54YGYAN/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Satyr is a library that can be used to create and process microreports. Microreports consist of structured data suitable to be analyzed in a fully automated manner, though they do not necessarily contain sufficient informa tion to fix the underlying problem. The reports are designed not to contain any potentially sensitive data to eliminate the need for review before submissi on. Included is a tool that can create microreports and perform some basic operations on them. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2015-06-21T00:33:50", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: satyr-0.18-1.fc22", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1869", "CVE-2015-1870", "CVE-2015-3142", "CVE-2015-3150", "CVE-2015-3151", "CVE-2015-3159", "CVE-2015-3315"], "modified": "2015-06-21T00:33:50", "id": "FEDORA:21BC16205E95", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/3UMR7X4LNHV7ISOMMETCTLSOC7U52BMT/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Libraries providing API for reporting different problems in applications to different bug targets like Bugzilla, ftp, trac, etc... ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2015-06-21T00:33:50", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: libreport-2.6.0-1.fc22", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1869", "CVE-2015-1870", "CVE-2015-3142", "CVE-2015-3150", "CVE-2015-3151", "CVE-2015-3159", "CVE-2015-3315"], "modified": "2015-06-21T00:33:50", "id": "FEDORA:140466254743", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/7FAWQFQ6HDN2XPLTG5ZBX64QSZTBSPF6/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Libraries providing API for reporting different problems in applications to different bug targets like Bugzilla, ftp, trac, etc... ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2015-06-30T20:20:27", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: libreport-2.3.0-8.fc21", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1869", "CVE-2015-1870", "CVE-2015-3142", "CVE-2015-3150", "CVE-2015-3151", "CVE-2015-3159", "CVE-2015-3315"], "modified": "2015-06-30T20:20:27", "id": "FEDORA:0B64D604E832", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/TENJEMFYZQOGL5ZGR75Y2XGVSZ4QZJXU/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "description": "abrt is a tool to help users to detect defects in applications and to create a bug report with all information needed by maintainer to fix it. It uses plugin system to extend its functionality. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2015-06-30T20:20:27", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: abrt-2.3.0-7.fc21", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1869", "CVE-2015-1870", "CVE-2015-3142", "CVE-2015-3147", "CVE-2015-3150", "CVE-2015-3151", "CVE-2015-3159", "CVE-2015-3315"], "modified": "2015-06-30T20:20:27", "id": "FEDORA:F176B604CD06", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/FAUKTOCKKHYNGGW6KZIN73ZFYIPFSKMC/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "description": "abrt is a tool to help users to detect defects in applications and to create a bug report with all information needed by maintainer to fix it. It uses plugin system to extend its functionality. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2015-06-21T00:33:50", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: abrt-2.6.0-1.fc22", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1869", "CVE-2015-1870", "CVE-2015-3142", "CVE-2015-3147", "CVE-2015-3150", "CVE-2015-3151", "CVE-2015-3159", "CVE-2015-3315"], "modified": "2015-06-21T00:33:50", "id": "FEDORA:01B586251304", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/FUTUTTO5RXFINO22YZSDQGFFCQSEPSXP/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-01-11T14:57:22", "description": "Security fixes for :\n\n - CVE-2015-3315\n\n - CVE-2015-3142\n\n - CVE-2015-1869\n\n - CVE-2015-1870\n\n - CVE-2015-3151\n\n - CVE-2015-3150\n\n - CVE-2015-3159\n\nabrt: =====\n\n - Move the default dump location from /var/tmp/abrt to /var/spool/abrt\n\n - Use root for owner of all dump directories\n\n - Stop reading hs_error.log from /tmp\n\n - Don not save the system logs by default\n\n - Don not save dmesg if kernel.dmesg_restrict=1\n\nlibreport: ==========\n\n - Harden the code against directory traversal, symbolic and hard link attacks\n\n - Fix a bug causing that the first value of AlwaysExcludedElements was ignored\n\n - Fix missing icon for the 'Stop' button icon name\n\n - Improve development documentation\n\n - Translations updates\n\ngnome-abrt: ===========\n\n - Use DBus to get problem data for detail dialog\n\n - Fix an error introduced with the details on System page\n\n - Enabled the Details also for the System problems\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-07-01T00:00:00", "type": "nessus", "title": "Fedora 21 : abrt-2.3.0-7.fc21 / gnome-abrt-1.0.0-3.fc21 / libreport-2.3.0-8.fc21 (2015-10193)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1869", "CVE-2015-1870", "CVE-2015-3142", "CVE-2015-3150", "CVE-2015-3151", "CVE-2015-3159", "CVE-2015-3315"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:abrt", "p-cpe:/a:fedoraproject:fedora:gnome-abrt", "p-cpe:/a:fedoraproject:fedora:libreport", "cpe:/o:fedoraproject:fedora:21"], "id": "FEDORA_2015-10193.NASL", "href": "https://www.tenable.com/plugins/nessus/84475", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-10193.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84475);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1869\", \"CVE-2015-1870\", \"CVE-2015-3142\", \"CVE-2015-3150\", \"CVE-2015-3151\", \"CVE-2015-3159\", \"CVE-2015-3315\");\n script_xref(name:\"FEDORA\", value:\"2015-10193\");\n\n script_name(english:\"Fedora 21 : abrt-2.3.0-7.fc21 / gnome-abrt-1.0.0-3.fc21 / libreport-2.3.0-8.fc21 (2015-10193)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fixes for :\n\n - CVE-2015-3315\n\n - CVE-2015-3142\n\n - CVE-2015-1869\n\n - CVE-2015-1870\n\n - CVE-2015-3151\n\n - CVE-2015-3150\n\n - CVE-2015-3159\n\nabrt: =====\n\n - Move the default dump location from /var/tmp/abrt to\n /var/spool/abrt\n\n - Use root for owner of all dump directories\n\n - Stop reading hs_error.log from /tmp\n\n - Don not save the system logs by default\n\n - Don not save dmesg if kernel.dmesg_restrict=1\n\nlibreport: ==========\n\n - Harden the code against directory traversal, symbolic\n and hard link attacks\n\n - Fix a bug causing that the first value of\n AlwaysExcludedElements was ignored\n\n - Fix missing icon for the 'Stop' button icon name\n\n - Improve development documentation\n\n - Translations updates\n\ngnome-abrt: ===========\n\n - Use DBus to get problem data for detail dialog\n\n - Fix an error introduced with the details on System\n page\n\n - Enabled the Details also for the System problems\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1169774\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1179752\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1193656\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1212821\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1212865\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1212871\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1213485\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1214452\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1214609\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1216975\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1218239\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=986876\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-June/161245.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9e916c0f\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-June/161246.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d3b69026\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-June/161247.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d7b58c5a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected abrt, gnome-abrt and / or libreport packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'ABRT raceabrt Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:abrt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnome-abrt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libreport\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"abrt-2.3.0-7.fc21\")) flag++;\nif (rpm_check(release:\"FC21\", reference:\"gnome-abrt-1.0.0-3.fc21\")) flag++;\nif (rpm_check(release:\"FC21\", reference:\"libreport-2.3.0-8.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"abrt / gnome-abrt / libreport\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:56:51", "description": "Security fixes for :\n\n - CVE-2015-3315\n\n - CVE-2015-3142\n\n - CVE-2015-1869\n\n - CVE-2015-1870\n\n - CVE-2015-3151\n\n - CVE-2015-3150\n\n - CVE-2015-3159\n\nabrt :\n\n - Move the default dump location from /var/tmp/abrt to /var/spool/abrt\n\n - Use root for owner of all dump directories\n\n - Stop reading hs_error.log from /tmp\n\n - Don not save the system logs by default\n\n - Don not save dmesg if kernel.dmesg_restrict=1\n\nlibreport :\n\n - Harden the code against directory traversal, symbolic and hard link attacks\n\n - Fix a bug causing that the first value of AlwaysExcludedElements was ignored\n\n - Fix missing icon for the 'Stop' button icon name\n\n - Improve development documentation\n\n - Translations updates\n\ngnome-abrt :\n\n - Enabled the Details also for the System problems\n\n - Do not crash in the testing of availabitlity of XServer\n\n - Fix 'Open problem's data directory'\n\n - Quit Application on Ctrl+Q\n\n - Translation updates\n\nsatyr :\n\n - New kernel taint flags\n\n - More secure core stacktraces from core hook\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-06-22T00:00:00", "type": "nessus", "title": "Fedora 22 : abrt-2.6.0-1.fc22 / gnome-abrt-1.2.0-1.fc22 / libreport-2.6.0-1.fc22 / satyr-0.18-1.fc22 (2015-9886)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1869", "CVE-2015-1870", "CVE-2015-3142", "CVE-2015-3150", "CVE-2015-3151", "CVE-2015-3159", "CVE-2015-3315"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:abrt", "p-cpe:/a:fedoraproject:fedora:gnome-abrt", "p-cpe:/a:fedoraproject:fedora:libreport", "p-cpe:/a:fedoraproject:fedora:satyr", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-9886.NASL", "href": "https://www.tenable.com/plugins/nessus/84312", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-9886.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84312);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1869\", \"CVE-2015-1870\", \"CVE-2015-3142\", \"CVE-2015-3150\", \"CVE-2015-3151\", \"CVE-2015-3159\", \"CVE-2015-3315\");\n script_xref(name:\"FEDORA\", value:\"2015-9886\");\n\n script_name(english:\"Fedora 22 : abrt-2.6.0-1.fc22 / gnome-abrt-1.2.0-1.fc22 / libreport-2.6.0-1.fc22 / satyr-0.18-1.fc22 (2015-9886)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fixes for :\n\n - CVE-2015-3315\n\n - CVE-2015-3142\n\n - CVE-2015-1869\n\n - CVE-2015-1870\n\n - CVE-2015-3151\n\n - CVE-2015-3150\n\n - CVE-2015-3159\n\nabrt :\n\n - Move the default dump location from /var/tmp/abrt to\n /var/spool/abrt\n\n - Use root for owner of all dump directories\n\n - Stop reading hs_error.log from /tmp\n\n - Don not save the system logs by default\n\n - Don not save dmesg if kernel.dmesg_restrict=1\n\nlibreport :\n\n - Harden the code against directory traversal, symbolic\n and hard link attacks\n\n - Fix a bug causing that the first value of\n AlwaysExcludedElements was ignored\n\n - Fix missing icon for the 'Stop' button icon name\n\n - Improve development documentation\n\n - Translations updates\n\ngnome-abrt :\n\n - Enabled the Details also for the System problems\n\n - Do not crash in the testing of availabitlity of\n XServer\n\n - Fix 'Open problem's data directory'\n\n - Quit Application on Ctrl+Q\n\n - Translation updates\n\nsatyr :\n\n - New kernel taint flags\n\n - More secure core stacktraces from core hook\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1128400\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1212821\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1212865\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1212871\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1214452\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1214609\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1216975\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1218239\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160568.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c64f5b7d\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160569.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b84b95df\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160570.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b449c29f\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160571.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ca41820c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'ABRT raceabrt Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:abrt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnome-abrt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libreport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:satyr\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"abrt-2.6.0-1.fc22\")) flag++;\nif (rpm_check(release:\"FC22\", reference:\"gnome-abrt-1.2.0-1.fc22\")) flag++;\nif (rpm_check(release:\"FC22\", reference:\"libreport-2.6.0-1.fc22\")) flag++;\nif (rpm_check(release:\"FC22\", reference:\"satyr-0.18-1.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"abrt / gnome-abrt / libreport / satyr\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:57:15", "description": "It was found that ABRT was vulnerable to multiple race condition and symbolic link flaws. A local attacker could use these flaws to potentially escalate their privileges on the system. (CVE-2015-3315)\n\nIt was discovered that the kernel-invoked coredump processor provided by ABRT wrote core dumps to files owned by other system users. This could result in information disclosure if an application crashed while its current directory was a directory writable to by other users (such as /tmp). (CVE-2015-3142)\n\nIt was discovered that the default event handling scripts installed by ABRT did not handle symbolic links correctly. A local attacker with write access to an ABRT problem directory could use this flaw to escalate their privileges. (CVE-2015-1869)\n\nIt was found that the ABRT event scripts created a user-readable copy of an sosreport file in ABRT problem directories, and included excerpts of /var/log/messages selected by the user-controlled process name, leading to an information disclosure. (CVE-2015-1870)\n\nIt was discovered that, when moving problem reports between certain directories, abrt-handle-upload did not verify that the new problem directory had appropriate permissions and did not contain symbolic links. An attacker able to create a crafted problem report could use this flaw to expose other parts of ABRT to attack, or to overwrite arbitrary files on the system. (CVE-2015-3147)\n\nMultiple directory traversal flaws were found in the abrt-dbus D-Bus service. A local attacker could use these flaws to read and write arbitrary files as the root user. (CVE-2015-3151)\n\nIt was discovered that the abrt-dbus D-Bus service did not properly check the validity of the problem directory argument in the ChownProblemDir, DeleteElement, and DeleteProblem methods. A local attacker could use this flaw to take ownership of arbitrary files and directories, or to delete files and directories as the root user.\n(CVE-2015-3150)\n\nIt was discovered that the abrt-action-install-debuginfo-to-abrt-cache helper program did not properly filter the process environment before invoking abrt-action-install-debuginfo. A local attacker could use this flaw to escalate their privileges on the system. (CVE-2015-3159)", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-06-11T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : abrt on SL7.x x86_64 (20150609)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1869", "CVE-2015-1870", "CVE-2015-3142", "CVE-2015-3147", "CVE-2015-3150", "CVE-2015-3151", "CVE-2015-3159", "CVE-2015-3315"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:abrt", "p-cpe:/a:fermilab:scientific_linux:abrt-addon-ccpp", "p-cpe:/a:fermilab:scientific_linux:abrt-addon-kerneloops", "p-cpe:/a:fermilab:scientific_linux:abrt-addon-pstoreoops", "p-cpe:/a:fermilab:scientific_linux:abrt-addon-python", "p-cpe:/a:fermilab:scientific_linux:abrt-addon-upload-watch", "p-cpe:/a:fermilab:scientific_linux:abrt-addon-vmcore", "p-cpe:/a:fermilab:scientific_linux:abrt-addon-xorg", "p-cpe:/a:fermilab:scientific_linux:abrt-cli", "p-cpe:/a:fermilab:scientific_linux:abrt-console-notification", "p-cpe:/a:fermilab:scientific_linux:abrt-dbus", "p-cpe:/a:fermilab:scientific_linux:abrt-debuginfo", "p-cpe:/a:fermilab:scientific_linux:abrt-desktop", "p-cpe:/a:fermilab:scientific_linux:abrt-devel", "p-cpe:/a:fermilab:scientific_linux:abrt-gui", "p-cpe:/a:fermilab:scientific_linux:abrt-gui-devel", "p-cpe:/a:fermilab:scientific_linux:abrt-gui-libs", "p-cpe:/a:fermilab:scientific_linux:abrt-libs", "p-cpe:/a:fermilab:scientific_linux:abrt-python", "p-cpe:/a:fermilab:scientific_linux:abrt-python-doc", "p-cpe:/a:fermilab:scientific_linux:abrt-retrace-client", "p-cpe:/a:fermilab:scientific_linux:abrt-tui", "p-cpe:/a:fermilab:scientific_linux:libreport", "p-cpe:/a:fermilab:scientific_linux:libreport-anaconda", "p-cpe:/a:fermilab:scientific_linux:libreport-cli", "p-cpe:/a:fermilab:scientific_linux:libreport-compat", "p-cpe:/a:fermilab:scientific_linux:libreport-debuginfo", "p-cpe:/a:fermilab:scientific_linux:libreport-devel", "p-cpe:/a:fermilab:scientific_linux:libreport-filesystem", "p-cpe:/a:fermilab:scientific_linux:libreport-gtk", "p-cpe:/a:fermilab:scientific_linux:libreport-gtk-devel", "p-cpe:/a:fermilab:scientific_linux:libreport-newt", "p-cpe:/a:fermilab:scientific_linux:libreport-plugin-bugzilla", "p-cpe:/a:fermilab:scientific_linux:libreport-plugin-kerneloops", "p-cpe:/a:fermilab:scientific_linux:libreport-plugin-logger", "p-cpe:/a:fermilab:scientific_linux:libreport-plugin-mailx", "p-cpe:/a:fermilab:scientific_linux:libreport-plugin-reportuploader", "p-cpe:/a:fermilab:scientific_linux:libreport-plugin-rhtsupport", "p-cpe:/a:fermilab:scientific_linux:libreport-plugin-ureport", "p-cpe:/a:fermilab:scientific_linux:libreport-python", "p-cpe:/a:fermilab:scientific_linux:libreport-rhel", "p-cpe:/a:fermilab:scientific_linux:libreport-rhel-anaconda-bugzilla", "p-cpe:/a:fermilab:scientific_linux:libreport-rhel-bugzilla", "p-cpe:/a:fermilab:scientific_linux:libreport-web", "p-cpe:/a:fermilab:scientific_linux:libreport-web-devel", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20150609_ABRT_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/84113", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84113);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-1869\", \"CVE-2015-1870\", \"CVE-2015-3142\", \"CVE-2015-3147\", \"CVE-2015-3150\", \"CVE-2015-3151\", \"CVE-2015-3159\", \"CVE-2015-3315\");\n\n script_name(english:\"Scientific Linux Security Update : abrt on SL7.x x86_64 (20150609)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that ABRT was vulnerable to multiple race condition and\nsymbolic link flaws. A local attacker could use these flaws to\npotentially escalate their privileges on the system. (CVE-2015-3315)\n\nIt was discovered that the kernel-invoked coredump processor provided\nby ABRT wrote core dumps to files owned by other system users. This\ncould result in information disclosure if an application crashed while\nits current directory was a directory writable to by other users (such\nas /tmp). (CVE-2015-3142)\n\nIt was discovered that the default event handling scripts installed by\nABRT did not handle symbolic links correctly. A local attacker with\nwrite access to an ABRT problem directory could use this flaw to\nescalate their privileges. (CVE-2015-1869)\n\nIt was found that the ABRT event scripts created a user-readable copy\nof an sosreport file in ABRT problem directories, and included\nexcerpts of /var/log/messages selected by the user-controlled process\nname, leading to an information disclosure. (CVE-2015-1870)\n\nIt was discovered that, when moving problem reports between certain\ndirectories, abrt-handle-upload did not verify that the new problem\ndirectory had appropriate permissions and did not contain symbolic\nlinks. An attacker able to create a crafted problem report could use\nthis flaw to expose other parts of ABRT to attack, or to overwrite\narbitrary files on the system. (CVE-2015-3147)\n\nMultiple directory traversal flaws were found in the abrt-dbus D-Bus\nservice. A local attacker could use these flaws to read and write\narbitrary files as the root user. (CVE-2015-3151)\n\nIt was discovered that the abrt-dbus D-Bus service did not properly\ncheck the validity of the problem directory argument in the\nChownProblemDir, DeleteElement, and DeleteProblem methods. A local\nattacker could use this flaw to take ownership of arbitrary files and\ndirectories, or to delete files and directories as the root user.\n(CVE-2015-3150)\n\nIt was discovered that the abrt-action-install-debuginfo-to-abrt-cache\nhelper program did not properly filter the process environment before\ninvoking abrt-action-install-debuginfo. A local attacker could use\nthis flaw to escalate their privileges on the system. (CVE-2015-3159)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1506&L=scientific-linux-errata&F=&S=&P=6189\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d9046b13\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'ABRT raceabrt Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt-addon-ccpp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt-addon-kerneloops\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt-addon-pstoreoops\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt-addon-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt-addon-upload-watch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt-addon-vmcore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt-addon-xorg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt-console-notification\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt-gui-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt-gui-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt-python-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt-retrace-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:abrt-tui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-anaconda\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-compat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-gtk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-newt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-plugin-bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-plugin-kerneloops\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-plugin-logger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-plugin-mailx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-plugin-reportuploader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-plugin-rhtsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-plugin-ureport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-rhel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-rhel-anaconda-bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-rhel-bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libreport-web-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"abrt-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"abrt-addon-ccpp-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"abrt-addon-kerneloops-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"abrt-addon-pstoreoops-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"abrt-addon-python-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"abrt-addon-upload-watch-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"abrt-addon-vmcore-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"abrt-addon-xorg-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"abrt-cli-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"abrt-console-notification-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"abrt-dbus-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"abrt-debuginfo-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"abrt-desktop-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"abrt-devel-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"abrt-gui-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"abrt-gui-devel-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"abrt-gui-libs-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"abrt-libs-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"abrt-python-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"abrt-python-doc-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"abrt-retrace-client-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"abrt-tui-2.1.11-22.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-anaconda-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-cli-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-compat-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-debuginfo-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-devel-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-filesystem-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-gtk-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-gtk-devel-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-newt-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-plugin-bugzilla-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-plugin-kerneloops-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-plugin-logger-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-plugin-mailx-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-plugin-reportuploader-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-plugin-rhtsupport-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-plugin-ureport-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-python-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-rhel-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-rhel-anaconda-bugzilla-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-rhel-bugzilla-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-web-2.1.11-23.sl7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libreport-web-devel-2.1.11-23.sl7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"abrt / abrt-addon-ccpp / abrt-addon-kerneloops / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:56:32", "description": "Updated abrt packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nABRT (Automatic Bug Reporting Tool) is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality.\n\nIt was found that ABRT was vulnerable to multiple race condition and symbolic link flaws. A local attacker could use these flaws to potentially escalate their privileges on the system. (CVE-2015-3315)\n\nIt was discovered that the kernel-invoked coredump processor provided by ABRT wrote core dumps to files owned by other system users. This could result in information disclosure if an application crashed while its current directory was a directory writable to by other users (such as /tmp). (CVE-2015-3142)\n\nIt was discovered that the default event handling scripts installed by ABRT did not handle symbolic links correctly. A local attacker with write access to an ABRT problem directory could use this flaw to escalate their privileges. (CVE-2015-1869)\n\nIt was found that the ABRT event scripts created a user-readable copy of an sosreport file in ABRT problem directories, and included excerpts of /var/log/messages selected by the user-controlled process name, leading to an information disclosure. (CVE-2015-1870)\n\nIt was discovered that, when moving problem reports between certain directories, abrt-handle-upload did not verify that the new problem directory had appropriate permissions and did not contain symbolic links. An attacker able to create a crafted problem report could use this flaw to expose other parts of ABRT to attack, or to overwrite arbitrary files on the system. (CVE-2015-3147)\n\nMultiple directory traversal flaws were found in the abrt-dbus D-Bus service. A local attacker could use these flaws to read and write arbitrary files as the root user. (CVE-2015-3151)\n\nIt was discovered that the abrt-dbus D-Bus service did not properly check the validity of the problem directory argument in the ChownProblemDir, DeleteElement, and DeleteProblem methods. A local attacker could use this flaw to take ownership of arbitrary files and directories, or to delete files and directories as the root user.\n(CVE-2015-3150)\n\nIt was discovered that the abrt-action-install-debuginfo-to-abrt-cache helper program did not properly filter the process environment before invoking abrt-action-install-debuginfo. A local attacker could use this flaw to escalate their privileges on the system. (CVE-2015-3159)\n\nAll users of abrt are advised to upgrade to these updated packages, which correct these issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-06-16T00:00:00", "type": "nessus", "title": "CentOS 7 : abrt (CESA-2015:1083)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1869", "CVE-2015-1870", "CVE-2015-3142", "CVE-2015-3147", "CVE-2015-3150", "CVE-2015-3151", "CVE-2015-3159", "CVE-2015-3315"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:abrt", "p-cpe:/a:centos:centos:abrt-addon-ccpp", "p-cpe:/a:centos:centos:abrt-addon-kerneloops", "p-cpe:/a:centos:centos:abrt-addon-pstoreoops", "p-cpe:/a:centos:centos:abrt-addon-python", "p-cpe:/a:centos:centos:abrt-addon-upload-watch", "p-cpe:/a:centos:centos:abrt-addon-vmcore", "p-cpe:/a:centos:centos:abrt-addon-xorg", "p-cpe:/a:centos:centos:abrt-cli", "p-cpe:/a:centos:centos:abrt-console-notification", "p-cpe:/a:centos:centos:abrt-dbus", "p-cpe:/a:centos:centos:abrt-desktop", "p-cpe:/a:centos:centos:abrt-devel", "p-cpe:/a:centos:centos:abrt-gui", "p-cpe:/a:centos:centos:abrt-gui-devel", "p-cpe:/a:centos:centos:abrt-gui-libs", "p-cpe:/a:centos:centos:abrt-libs", "p-cpe:/a:centos:centos:abrt-python", "p-cpe:/a:centos:centos:abrt-python-doc", "p-cpe:/a:centos:centos:abrt-retrace-client", "p-cpe:/a:centos:centos:abrt-tui", "p-cpe:/a:centos:centos:libreport", "p-cpe:/a:centos:centos:libreport-anaconda", "p-cpe:/a:centos:centos:libreport-centos", "p-cpe:/a:centos:centos:libreport-cli", "p-cpe:/a:centos:centos:libreport-compat", "p-cpe:/a:centos:centos:libreport-devel", "p-cpe:/a:centos:centos:libreport-filesystem", "p-cpe:/a:centos:centos:libreport-gtk", "p-cpe:/a:centos:centos:libreport-gtk-devel", "p-cpe:/a:centos:centos:libreport-newt", "p-cpe:/a:centos:centos:libreport-plugin-bugzilla", "p-cpe:/a:centos:centos:libreport-plugin-kerneloops", "p-cpe:/a:centos:centos:libreport-plugin-logger", "p-cpe:/a:centos:centos:libreport-plugin-mailx", "p-cpe:/a:centos:centos:libreport-plugin-mantisbt", "p-cpe:/a:centos:centos:libreport-plugin-reportuploader", "p-cpe:/a:centos:centos:libreport-plugin-rhtsupport", "p-cpe:/a:centos:centos:libreport-plugin-ureport", "p-cpe:/a:centos:centos:libreport-python", "p-cpe:/a:centos:centos:libreport-rhel", "p-cpe:/a:centos:centos:libreport-rhel-anaconda-bugzilla", "p-cpe:/a:centos:centos:libreport-rhel-bugzilla", "p-cpe:/a:centos:centos:libreport-web", "p-cpe:/a:centos:centos:libreport-web-devel", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2015-1083.NASL", "href": "https://www.tenable.com/plugins/nessus/84197", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1083 and \n# CentOS Errata and Security Advisory 2015:1083 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84197);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-1869\", \"CVE-2015-1870\", \"CVE-2015-3142\", \"CVE-2015-3147\", \"CVE-2015-3150\", \"CVE-2015-3151\", \"CVE-2015-3159\", \"CVE-2015-3315\");\n script_bugtraq_id(75116, 75117, 75118, 75119, 75122, 75124, 75128, 75129);\n script_xref(name:\"RHSA\", value:\"2015:1083\");\n\n script_name(english:\"CentOS 7 : abrt (CESA-2015:1083)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated abrt packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nABRT (Automatic Bug Reporting Tool) is a tool to help users to detect\ndefects in applications and to create a bug report with all the\ninformation needed by a maintainer to fix it. It uses a plug-in system\nto extend its functionality.\n\nIt was found that ABRT was vulnerable to multiple race condition and\nsymbolic link flaws. A local attacker could use these flaws to\npotentially escalate their privileges on the system. (CVE-2015-3315)\n\nIt was discovered that the kernel-invoked coredump processor provided\nby ABRT wrote core dumps to files owned by other system users. This\ncould result in information disclosure if an application crashed while\nits current directory was a directory writable to by other users (such\nas /tmp). (CVE-2015-3142)\n\nIt was discovered that the default event handling scripts installed by\nABRT did not handle symbolic links correctly. A local attacker with\nwrite access to an ABRT problem directory could use this flaw to\nescalate their privileges. (CVE-2015-1869)\n\nIt was found that the ABRT event scripts created a user-readable copy\nof an sosreport file in ABRT problem directories, and included\nexcerpts of /var/log/messages selected by the user-controlled process\nname, leading to an information disclosure. (CVE-2015-1870)\n\nIt was discovered that, when moving problem reports between certain\ndirectories, abrt-handle-upload did not verify that the new problem\ndirectory had appropriate permissions and did not contain symbolic\nlinks. An attacker able to create a crafted problem report could use\nthis flaw to expose other parts of ABRT to attack, or to overwrite\narbitrary files on the system. (CVE-2015-3147)\n\nMultiple directory traversal flaws were found in the abrt-dbus D-Bus\nservice. A local attacker could use these flaws to read and write\narbitrary files as the root user. (CVE-2015-3151)\n\nIt was discovered that the abrt-dbus D-Bus service did not properly\ncheck the validity of the problem directory argument in the\nChownProblemDir, DeleteElement, and DeleteProblem methods. A local\nattacker could use this flaw to take ownership of arbitrary files and\ndirectories, or to delete files and directories as the root user.\n(CVE-2015-3150)\n\nIt was discovered that the abrt-action-install-debuginfo-to-abrt-cache\nhelper program did not properly filter the process environment before\ninvoking abrt-action-install-debuginfo. A local attacker could use\nthis flaw to escalate their privileges on the system. (CVE-2015-3159)\n\nAll users of abrt are advised to upgrade to these updated packages,\nwhich correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-June/021170.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?24a453ec\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected abrt packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-3315\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'ABRT raceabrt Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:abrt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:abrt-addon-ccpp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:abrt-addon-kerneloops\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:abrt-addon-pstoreoops\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:abrt-addon-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:abrt-addon-upload-watch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:abrt-addon-vmcore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:abrt-addon-xorg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:abrt-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:abrt-console-notification\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:abrt-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:abrt-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:abrt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:abrt-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:abrt-gui-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:abrt-gui-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:abrt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:abrt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:abrt-python-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:abrt-retrace-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:abrt-tui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-anaconda\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-centos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-compat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-gtk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-newt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-plugin-bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-plugin-kerneloops\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-plugin-logger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-plugin-mailx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-plugin-mantisbt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-plugin-reportuploader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-plugin-rhtsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-plugin-ureport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-rhel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-rhel-anaconda-bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-rhel-bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libreport-web-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"abrt-2.1.11-22.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"abrt-addon-ccpp-2.1.11-22.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"abrt-addon-kerneloops-2.1.11-22.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"abrt-addon-pstoreoops-2.1.11-22.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"abrt-addon-python-2.1.11-22.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"abrt-addon-upload-watch-2.1.11-22.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"abrt-addon-vmcore-2.1.11-22.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"abrt-addon-xorg-2.1.11-22.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"abrt-cli-2.1.11-22.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"abrt-console-notification-2.1.11-22.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"abrt-dbus-2.1.11-22.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"abrt-desktop-2.1.11-22.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"abrt-devel-2.1.11-22.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"abrt-gui-2.1.11-22.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"abrt-gui-devel-2.1.11-22.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"abrt-gui-libs-2.1.11-22.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"abrt-libs-2.1.11-22.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"abrt-python-2.1.11-22.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"abrt-python-doc-2.1.11-22.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"abrt-retrace-client-2.1.11-22.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"abrt-tui-2.1.11-22.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-anaconda-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-centos-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-cli-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-compat-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-devel-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-filesystem-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-gtk-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-gtk-devel-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-newt-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-plugin-bugzilla-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-plugin-kerneloops-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-plugin-logger-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-plugin-mailx-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-plugin-mantisbt-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-plugin-reportuploader-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-plugin-rhtsupport-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-plugin-ureport-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-python-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-rhel-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-rhel-anaconda-bugzilla-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-rhel-bugzilla-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-web-2.1.11-23.el7.centos.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libreport-web-devel-2.1.11-23.el7.centos.0.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"abrt / abrt-addon-ccpp / abrt-addon-kerneloops / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:56:46", "description": "Updated abrt packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nABRT (Automatic Bug Reporting Tool) is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality.\n\nIt was found that ABRT was vulnerable to multiple race condition and symbolic link flaws. A local attacker could use these flaws to potentially escalate their privileges on the system. (CVE-2015-3315)\n\nIt was discovered that the kernel-invoked coredump processor provided by ABRT wrote core dumps to files owned by other system users. This could result in information disclosure if an application crashed while its current directory was a directory writable to by other users (such as /tmp). (CVE-2015-3142)\n\nIt was discovered that the default event handling scripts installed by ABRT did not handle symbolic links correctly. A local attacker with write access to an ABRT problem directory could use this flaw to escalate their privileges. (CVE-2015-1869)\n\nIt was found that the ABRT event scripts created a user-readable copy of an sosreport file in ABRT problem directories, and included excerpts of /var/log/messages selected by the user-controlled process name, leading to an information disclosure. (CVE-2015-1870)\n\nIt was discovered that, when moving problem reports between certain directories, abrt-handle-upload did not verify that the new problem directory had appropriate permissions and did not contain symbolic links. An attacker able to create a crafted problem report could use this flaw to expose other parts of ABRT to attack, or to overwrite arbitrary files on the system. (CVE-2015-3147)\n\nMultiple directory traversal flaws were found in the abrt-dbus D-Bus service. A local attacker could use these flaws to read and write arbitrary files as the root user. (CVE-2015-3151)\n\nIt was discovered that the abrt-dbus D-Bus service did not properly check the validity of the problem directory argument in the ChownProblemDir, DeleteElement, and DeleteProblem methods. A local attacker could use this flaw to take ownership of arbitrary files and directories, or to delete files and directories as the root user.\n(CVE-2015-3150)\n\nIt was discovered that the abrt-action-install-debuginfo-to-abrt-cache helper program did not properly filter the process environment before invoking abrt-action-install-debuginfo. A local attacker could use this flaw to escalate their privileges on the system. (CVE-2015-3159)\n\nAll users of abrt are advised to upgrade to these updated packages, which correct these issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-06-10T00:00:00", "type": "nessus", "title": "RHEL 7 : abrt (RHSA-2015:1083)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1869", "CVE-2015-1870", "CVE-2015-3142", "CVE-2015-3147", "CVE-2015-3150", "CVE-2015-3151", "CVE-2015-3159", "CVE-2015-3315"], "modified": "2021-02-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:abrt", "p-cpe:/a:redhat:enterprise_linux:abrt-addon-ccpp", "p-cpe:/a:redhat:enterprise_linux:abrt-addon-kerneloops", "p-cpe:/a:redhat:enterprise_linux:abrt-addon-pstoreoops", "p-cpe:/a:redhat:enterprise_linux:abrt-addon-python", "p-cpe:/a:redhat:enterprise_linux:abrt-addon-upload-watch", "p-cpe:/a:redhat:enterprise_linux:abrt-addon-vmcore", "p-cpe:/a:redhat:enterprise_linux:abrt-addon-xorg", "p-cpe:/a:redhat:enterprise_linux:abrt-cli", "p-cpe:/a:redhat:enterprise_linux:abrt-console-notification", "p-cpe:/a:redhat:enterprise_linux:abrt-dbus", "p-cpe:/a:redhat:enterprise_linux:abrt-debuginfo", "p-cpe:/a:redhat:enterprise_linux:abrt-desktop", "p-cpe:/a:redhat:enterprise_linux:abrt-devel", "p-cpe:/a:redhat:enterprise_linux:abrt-gui", "p-cpe:/a:redhat:enterprise_linux:abrt-gui-devel", "p-cpe:/a:redhat:enterprise_linux:abrt-gui-libs", "p-cpe:/a:redhat:enterprise_linux:abrt-libs", "p-cpe:/a:redhat:enterprise_linux:abrt-python", "p-cpe:/a:redhat:enterprise_linux:abrt-python-doc", "p-cpe:/a:redhat:enterprise_linux:abrt-retrace-client", "p-cpe:/a:redhat:enterprise_linux:abrt-tui", "p-cpe:/a:redhat:enterprise_linux:libreport", "p-cpe:/a:redhat:enterprise_linux:libreport-anaconda", "p-cpe:/a:redhat:enterprise_linux:libreport-cli", "p-cpe:/a:redhat:enterprise_linux:libreport-compat", "p-cpe:/a:redhat:enterprise_linux:libreport-debuginfo", "p-cpe:/a:redhat:enterprise_linux:libreport-devel", "p-cpe:/a:redhat:enterprise_linux:libreport-filesystem", "p-cpe:/a:redhat:enterprise_linux:libreport-gtk", "p-cpe:/a:redhat:enterprise_linux:libreport-gtk-devel", "p-cpe:/a:redhat:enterprise_linux:libreport-newt", "p-cpe:/a:redhat:enterprise_linux:libreport-plugin-bugzilla", "p-cpe:/a:redhat:enterprise_linux:libreport-plugin-kerneloops", "p-cpe:/a:redhat:enterprise_linux:libreport-plugin-logger", "p-cpe:/a:redhat:enterprise_linux:libreport-plugin-mailx", "p-cpe:/a:redhat:enterprise_linux:libreport-plugin-reportuploader", "p-cpe:/a:redhat:enterprise_linux:libreport-plugin-rhtsupport", "p-cpe:/a:redhat:enterprise_linux:libreport-plugin-ureport", "p-cpe:/a:redhat:enterprise_linux:libreport-python", "p-cpe:/a:redhat:enterprise_linux:libreport-rhel", "p-cpe:/a:redhat:enterprise_linux:libreport-rhel-anaconda-bugzilla", "p-cpe:/a:redhat:enterprise_linux:libreport-rhel-bugzilla", "p-cpe:/a:redhat:enterprise_linux:libreport-web", "p-cpe:/a:redhat:enterprise_linux:libreport-web-devel", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.1", "cpe:/o:redhat:enterprise_linux:7.2", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2015-1083.NASL", "href": "https://www.tenable.com/plugins/nessus/84077", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1083. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84077);\n script_version(\"2.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/05\");\n\n script_cve_id(\"CVE-2015-1869\", \"CVE-2015-1870\", \"CVE-2015-3142\", \"CVE-2015-3147\", \"CVE-2015-3150\", \"CVE-2015-3151\", \"CVE-2015-3159\", \"CVE-2015-3315\");\n script_bugtraq_id(75116, 75117, 75118, 75119, 75122, 75124, 75128, 75129);\n script_xref(name:\"RHSA\", value:\"2015:1083\");\n\n script_name(english:\"RHEL 7 : abrt (RHSA-2015:1083)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Updated abrt packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nABRT (Automatic Bug Reporting Tool) is a tool to help users to detect\ndefects in applications and to create a bug report with all the\ninformation needed by a maintainer to fix it. It uses a plug-in system\nto extend its functionality.\n\nIt was found that ABRT was vulnerable to multiple race condition and\nsymbolic link flaws. A local attacker could use these flaws to\npotentially escalate their privileges on the system. (CVE-2015-3315)\n\nIt was discovered that the kernel-invoked coredump processor provided\nby ABRT wrote core dumps to files owned by other system users. This\ncould result in information disclosure if an application crashed while\nits current directory was a directory writable to by other users (such\nas /tmp). (CVE-2015-3142)\n\nIt was discovered that the default event handling scripts installed by\nABRT did not handle symbolic links correctly. A local attacker with\nwrite access to an ABRT problem directory could use this flaw to\nescalate their privileges. (CVE-2015-1869)\n\nIt was found that the ABRT event scripts created a user-readable copy\nof an sosreport file in ABRT problem directories, and included\nexcerpts of /var/log/messages selected by the user-controlled process\nname, leading to an information disclosure. (CVE-2015-1870)\n\nIt was discovered that, when moving problem reports between certain\ndirectories, abrt-handle-upload did not verify that the new problem\ndirectory had appropriate permissions and did not contain symbolic\nlinks. An attacker able to create a crafted problem report could use\nthis flaw to expose other parts of ABRT to attack, or to overwrite\narbitrary files on the system. (CVE-2015-3147)\n\nMultiple directory traversal flaws were found in the abrt-dbus D-Bus\nservice. A local attacker could use these flaws to read and write\narbitrary files as the root user. (CVE-2015-3151)\n\nIt was discovered that the abrt-dbus D-Bus service did not properly\ncheck the validity of the problem directory argument in the\nChownProblemDir, DeleteElement, and DeleteProblem methods. A local\nattacker could use this flaw to take ownership of arbitrary files and\ndirectories, or to delete files and directories as the root user.\n(CVE-2015-3150)\n\nIt was discovered that the abrt-action-install-debuginfo-to-abrt-cache\nhelper program did not properly filter the process environment before\ninvoking abrt-action-install-debuginfo. A local attacker could use\nthis flaw to escalate their privileges on the system. (CVE-2015-3159)\n\nAll users of abrt are advised to upgrade to these updated packages,\nwhich correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:1083\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3315\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3150\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3151\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3142\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-1869\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3147\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3159\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:X/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'ABRT raceabrt Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt-addon-ccpp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt-addon-kerneloops\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt-addon-pstoreoops\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt-addon-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt-addon-upload-watch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt-addon-vmcore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt-addon-xorg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt-console-notification\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt-gui-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt-gui-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt-python-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt-retrace-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:abrt-tui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-anaconda\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-compat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-gtk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-newt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-plugin-bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-plugin-kerneloops\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-plugin-logger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-plugin-mailx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-plugin-reportuploader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-plugin-rhtsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-plugin-ureport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-rhel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-rhel-anaconda-bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-rhel-bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libreport-web-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:1083\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"abrt-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"abrt-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"abrt-addon-ccpp-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"abrt-addon-ccpp-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"abrt-addon-kerneloops-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"abrt-addon-kerneloops-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"abrt-addon-pstoreoops-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"abrt-addon-pstoreoops-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"abrt-addon-python-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"abrt-addon-python-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"abrt-addon-upload-watch-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"abrt-addon-upload-watch-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"abrt-addon-vmcore-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"abrt-addon-vmcore-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"abrt-addon-xorg-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"abrt-addon-xorg-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"abrt-cli-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"abrt-cli-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"abrt-console-notification-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"abrt-console-notification-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"abrt-dbus-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"abrt-dbus-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"abrt-debuginfo-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"abrt-desktop-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"abrt-desktop-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"abrt-devel-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"abrt-gui-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"abrt-gui-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"abrt-gui-devel-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"abrt-gui-libs-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"abrt-libs-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"abrt-python-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"abrt-python-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"abrt-python-doc-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"abrt-retrace-client-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"abrt-retrace-client-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"abrt-tui-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"abrt-tui-2.1.11-22.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libreport-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libreport-anaconda-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libreport-anaconda-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libreport-cli-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libreport-cli-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libreport-compat-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libreport-compat-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libreport-debuginfo-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libreport-devel-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libreport-filesystem-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libreport-filesystem-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libreport-gtk-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libreport-gtk-devel-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libreport-newt-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libreport-newt-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libreport-plugin-bugzilla-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libreport-plugin-bugzilla-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libreport-plugin-kerneloops-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libreport-plugin-kerneloops-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libreport-plugin-logger-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libreport-plugin-logger-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libreport-plugin-mailx-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libreport-plugin-mailx-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libreport-plugin-reportuploader-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libreport-plugin-reportuploader-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libreport-plugin-rhtsupport-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libreport-plugin-rhtsupport-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libreport-plugin-ureport-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libreport-plugin-ureport-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libreport-python-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libreport-python-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libreport-rhel-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libreport-rhel-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libreport-rhel-anaconda-bugzilla-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libreport-rhel-anaconda-bugzilla-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"libreport-rhel-bugzilla-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libreport-rhel-bugzilla-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libreport-web-2.1.11-23.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"libreport-web-devel-2.1.11-23.el7_1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"abrt / abrt-addon-ccpp / abrt-addon-kerneloops / etc\");\n }\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:57:15", "description": "From Red Hat Security Advisory 2015:1083 :\n\nUpdated abrt packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nABRT (Automatic Bug Reporting Tool) is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality.\n\nIt was found that ABRT was vulnerable to multiple race condition and symbolic link flaws. A local attacker could use these flaws to potentially escalate their privileges on the system. (CVE-2015-3315)\n\nIt was discovered that the kernel-invoked coredump processor provided by ABRT wrote core dumps to files owned by other system users. This could result in information disclosure if an application crashed while its current directory was a directory writable to by other users (such as /tmp). (CVE-2015-3142)\n\nIt was discovered that the default event handling scripts installed by ABRT did not handle symbolic links correctly. A local attacker with write access to an ABRT problem directory could use this flaw to escalate their privileges. (CVE-2015-1869)\n\nIt was found that the ABRT event scripts created a user-readable copy of an sosreport file in ABRT problem directories, and included excerpts of /var/log/messages selected by the user-controlled process name, leading to an information disclosure. (CVE-2015-1870)\n\nIt was discovered that, when moving problem reports between certain directories, abrt-handle-upload did not verify that the new problem directory had appropriate permissions and did not contain symbolic links. An attacker able to create a crafted problem report could use this flaw to expose other parts of ABRT to attack, or to overwrite arbitrary files on the system. (CVE-2015-3147)\n\nMultiple directory traversal flaws were found in the abrt-dbus D-Bus service. A local attacker could use these flaws to read and write arbitrary files as the root user. (CVE-2015-3151)\n\nIt was discovered that the abrt-dbus D-Bus service did not properly check the validity of the problem directory argument in the ChownProblemDir, DeleteElement, and DeleteProblem methods. A local attacker could use this flaw to take ownership of arbitrary files and directories, or to delete files and directories as the root user.\n(CVE-2015-3150)\n\nIt was discovered that the abrt-action-install-debuginfo-to-abrt-cache helper program did not properly filter the process environment before invoking abrt-action-install-debuginfo. A local attacker could use this flaw to escalate their privileges on the system. (CVE-2015-3159)\n\nAll users of abrt are advised to upgrade to these updated packages, which correct these issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-06-10T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : abrt (ELSA-2015-1083)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1869", "CVE-2015-1870", "CVE-2015-3142", "CVE-2015-3147", "CVE-2015-3150", "CVE-2015-3151", "CVE-2015-3159", "CVE-2015-3315"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:abrt", "p-cpe:/a:oracle:linux:abrt-addon-ccpp", "p-cpe:/a:oracle:linux:abrt-addon-kerneloops", "p-cpe:/a:oracle:linux:abrt-addon-pstoreoops", "p-cpe:/a:oracle:linux:abrt-addon-python", "p-cpe:/a:oracle:linux:abrt-addon-upload-watch", "p-cpe:/a:oracle:linux:abrt-addon-vmcore", "p-cpe:/a:oracle:linux:abrt-addon-xorg", "p-cpe:/a:oracle:linux:abrt-cli", "p-cpe:/a:oracle:linux:abrt-console-notification", "p-cpe:/a:oracle:linux:abrt-dbus", "p-cpe:/a:oracle:linux:abrt-desktop", "p-cpe:/a:oracle:linux:abrt-devel", "p-cpe:/a:oracle:linux:abrt-gui", "p-cpe:/a:oracle:linux:abrt-gui-devel", "p-cpe:/a:oracle:linux:abrt-gui-libs", "p-cpe:/a:oracle:linux:abrt-libs", "p-cpe:/a:oracle:linux:abrt-python", "p-cpe:/a:oracle:linux:abrt-python-doc", "p-cpe:/a:oracle:linux:abrt-retrace-client", "p-cpe:/a:oracle:linux:abrt-tui", "p-cpe:/a:oracle:linux:libreport", "p-cpe:/a:oracle:linux:libreport-anaconda", "p-cpe:/a:oracle:linux:libreport-cli", "p-cpe:/a:oracle:linux:libreport-compat", "p-cpe:/a:oracle:linux:libreport-devel", "p-cpe:/a:oracle:linux:libreport-filesystem", "p-cpe:/a:oracle:linux:libreport-gtk", "p-cpe:/a:oracle:linux:libreport-gtk-devel", "p-cpe:/a:oracle:linux:libreport-newt", "p-cpe:/a:oracle:linux:libreport-plugin-bugzilla", "p-cpe:/a:oracle:linux:libreport-plugin-kerneloops", "p-cpe:/a:oracle:linux:libreport-plugin-logger", "p-cpe:/a:oracle:linux:libreport-plugin-mailx", "p-cpe:/a:oracle:linux:libreport-plugin-reportuploader", "p-cpe:/a:oracle:linux:libreport-plugin-ureport", "p-cpe:/a:oracle:linux:libreport-python", "p-cpe:/a:oracle:linux:libreport-rhel-anaconda-bugzilla", "p-cpe:/a:oracle:linux:libreport-rhel-bugzilla", "p-cpe:/a:oracle:linux:libreport-web", "p-cpe:/a:oracle:linux:libreport-web-devel", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2015-1083.NASL", "href": "https://www.tenable.com/plugins/nessus/84074", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:1083 and \n# Oracle Linux Security Advisory ELSA-2015-1083 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84074);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-1869\", \"CVE-2015-1870\", \"CVE-2015-3142\", \"CVE-2015-3147\", \"CVE-2015-3150\", \"CVE-2015-3151\", \"CVE-2015-3159\", \"CVE-2015-3315\");\n script_bugtraq_id(75116, 75117, 75118, 75119, 75122, 75124, 75128, 75129);\n script_xref(name:\"RHSA\", value:\"2015:1083\");\n\n script_name(english:\"Oracle Linux 7 : abrt (ELSA-2015-1083)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:1083 :\n\nUpdated abrt packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nABRT (Automatic Bug Reporting Tool) is a tool to help users to detect\ndefects in applications and to create a bug report with all the\ninformation needed by a maintainer to fix it. It uses a plug-in system\nto extend its functionality.\n\nIt was found that ABRT was vulnerable to multiple race condition and\nsymbolic link flaws. A local attacker could use these flaws to\npotentially escalate their privileges on the system. (CVE-2015-3315)\n\nIt was discovered that the kernel-invoked coredump processor provided\nby ABRT wrote core dumps to files owned by other system users. This\ncould result in information disclosure if an application crashed while\nits current directory was a directory writable to by other users (such\nas /tmp). (CVE-2015-3142)\n\nIt was discovered that the default event handling scripts installed by\nABRT did not handle symbolic links correctly. A local attacker with\nwrite access to an ABRT problem directory could use this flaw to\nescalate their privileges. (CVE-2015-1869)\n\nIt was found that the ABRT event scripts created a user-readable copy\nof an sosreport file in ABRT problem directories, and included\nexcerpts of /var/log/messages selected by the user-controlled process\nname, leading to an information disclosure. (CVE-2015-1870)\n\nIt was discovered that, when moving problem reports between certain\ndirectories, abrt-handle-upload did not verify that the new problem\ndirectory had appropriate permissions and did not contain symbolic\nlinks. An attacker able to create a crafted problem report could use\nthis flaw to expose other parts of ABRT to attack, or to overwrite\narbitrary files on the system. (CVE-2015-3147)\n\nMultiple directory traversal flaws were found in the abrt-dbus D-Bus\nservice. A local attacker could use these flaws to read and write\narbitrary files as the root user. (CVE-2015-3151)\n\nIt was discovered that the abrt-dbus D-Bus service did not properly\ncheck the validity of the problem directory argument in the\nChownProblemDir, DeleteElement, and DeleteProblem methods. A local\nattacker could use this flaw to take ownership of arbitrary files and\ndirectories, or to delete files and directories as the root user.\n(CVE-2015-3150)\n\nIt was discovered that the abrt-action-install-debuginfo-to-abrt-cache\nhelper program did not properly filter the process environment before\ninvoking abrt-action-install-debuginfo. A local attacker could use\nthis flaw to escalate their privileges on the system. (CVE-2015-3159)\n\nAll users of abrt are advised to upgrade to these updated packages,\nwhich correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-June/005106.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected abrt packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'ABRT raceabrt Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:abrt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:abrt-addon-ccpp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:abrt-addon-kerneloops\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:abrt-addon-pstoreoops\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:abrt-addon-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:abrt-addon-upload-watch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:abrt-addon-vmcore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:abrt-addon-xorg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:abrt-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:abrt-console-notification\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:abrt-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:abrt-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:abrt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:abrt-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:abrt-gui-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:abrt-gui-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:abrt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:abrt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:abrt-python-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:abrt-retrace-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:abrt-tui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libreport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libreport-anaconda\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libreport-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libreport-compat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libreport-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libreport-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libreport-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libreport-gtk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libreport-newt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libreport-plugin-bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libreport-plugin-kerneloops\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libreport-plugin-logger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libreport-plugin-mailx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libreport-plugin-reportuploader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libreport-plugin-ureport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libreport-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libreport-rhel-anaconda-bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libreport-rhel-bugzilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libreport-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libreport-web-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"abrt-2.1.11-22.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"abrt-addon-ccpp-2.1.11-22.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"abrt-addon-kerneloops-2.1.11-22.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"abrt-addon-pstoreoops-2.1.11-22.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"abrt-addon-python-2.1.11-22.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"abrt-addon-upload-watch-2.1.11-22.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"abrt-addon-vmcore-2.1.11-22.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"abrt-addon-xorg-2.1.11-22.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"abrt-cli-2.1.11-22.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"abrt-console-notification-2.1.11-22.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"abrt-dbus-2.1.11-22.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"abrt-desktop-2.1.11-22.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"abrt-devel-2.1.11-22.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"abrt-gui-2.1.11-22.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"abrt-gui-devel-2.1.11-22.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"abrt-gui-libs-2.1.11-22.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"abrt-libs-2.1.11-22.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"abrt-python-2.1.11-22.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"abrt-python-doc-2.1.11-22.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"abrt-retrace-client-2.1.11-22.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"abrt-tui-2.1.11-22.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libreport-2.1.11-23.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libreport-anaconda-2.1.11-23.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libreport-cli-2.1.11-23.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libreport-compat-2.1.11-23.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libreport-devel-2.1.11-23.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libreport-filesystem-2.1.11-23.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libreport-gtk-2.1.11-23.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libreport-gtk-devel-2.1.11-23.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libreport-newt-2.1.11-23.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libreport-plugin-bugzilla-2.1.11-23.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libreport-plugin-kerneloops-2.1.11-23.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libreport-plugin-logger-2.1.11-23.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libreport-plugin-mailx-2.1.11-23.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libreport-plugin-reportuploader-2.1.11-23.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libreport-plugin-ureport-2.1.11-23.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libreport-python-2.1.11-23.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libreport-rhel-anaconda-bugzilla-2.1.11-23.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libreport-rhel-bugzilla-2.1.11-23.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libreport-web-2.1.11-23.0.1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"libreport-web-devel-2.1.11-23.0.1.el7_1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"abrt / abrt-addon-ccpp / abrt-addon-kerneloops / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2023-01-01T04:43:36", "description": "**CentOS Errata and Security Advisory** CESA-2015:1083\n\n\nABRT (Automatic Bug Reporting Tool) is a tool to help users to detect\ndefects in applications and to create a bug report with all the information\nneeded by a maintainer to fix it. It uses a plug-in system to extend its\nfunctionality. \n\nIt was found that ABRT was vulnerable to multiple race condition and \nsymbolic link flaws. A local attacker could use these flaws to potentially \nescalate their privileges on the system. (CVE-2015-3315)\n\nIt was discovered that the kernel-invoked coredump processor provided by \nABRT wrote core dumps to files owned by other system users. This could \nresult in information disclosure if an application crashed while its \ncurrent directory was a directory writable to by other users (such as \n/tmp). (CVE-2015-3142)\n\nIt was discovered that the default event handling scripts installed by ABRT \ndid not handle symbolic links correctly. A local attacker with write access \nto an ABRT problem directory could use this flaw to escalate their \nprivileges. (CVE-2015-1869)\n\nIt was found that the ABRT event scripts created a user-readable copy of an \nsosreport file in ABRT problem directories, and included excerpts of \n/var/log/messages selected by the user-controlled process name, leading to \nan information disclosure. (CVE-2015-1870)\n\nIt was discovered that, when moving problem reports between certain \ndirectories, abrt-handle-upload did not verify that the new problem \ndirectory had appropriate permissions and did not contain symbolic links. \nAn attacker able to create a crafted problem report could use this flaw to \nexpose other parts of ABRT to attack, or to overwrite arbitrary files on\nthe system. (CVE-2015-3147)\n\nMultiple directory traversal flaws were found in the abrt-dbus D-Bus \nservice. A local attacker could use these flaws to read and write arbitrary \nfiles as the root user. (CVE-2015-3151)\n\nIt was discovered that the abrt-dbus D-Bus service did not properly check \nthe validity of the problem directory argument in the ChownProblemDir, \nDeleteElement, and DeleteProblem methods. A local attacker could use this \nflaw to take ownership of arbitrary files and directories, or to delete\nfiles and directories as the root user. (CVE-2015-3150)\n\nIt was discovered that the abrt-action-install-debuginfo-to-abrt-cache \nhelper program did not properly filter the process environment before \ninvoking abrt-action-install-debuginfo. A local attacker could use this \nflaw to escalate their privileges on the system. (CVE-2015-3159)\n\nAll users of abrt are advised to upgrade to these updated packages, which \ncorrect these issues.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2015-June/070645.html\n\n**Affected packages:**\nabrt\nabrt-addon-ccpp\nabrt-addon-kerneloops\nabrt-addon-pstoreoops\nabrt-addon-python\nabrt-addon-upload-watch\nabrt-addon-vmcore\nabrt-addon-xorg\nabrt-cli\nabrt-console-notification\nabrt-dbus\nabrt-desktop\nabrt-devel\nabrt-gui\nabrt-gui-devel\nabrt-gui-libs\nabrt-libs\nabrt-python\nabrt-python-doc\nabrt-retrace-client\nabrt-tui\nlibreport\nlibreport-anaconda\nlibreport-centos\nlibreport-cli\nlibreport-compat\nlibreport-devel\nlibreport-filesystem\nlibreport-gtk\nlibreport-gtk-devel\nlibreport-newt\nlibreport-plugin-bugzilla\nlibreport-plugin-kerneloops\nlibreport-plugin-logger\nlibreport-plugin-mailx\nlibreport-plugin-mantisbt\nlibreport-plugin-reportuploader\nlibreport-plugin-rhtsupport\nlibreport-plugin-ureport\nlibreport-python\nlibreport-rhel\nlibreport-rhel-anaconda-bugzilla\nlibreport-rhel-bugzilla\nlibreport-web\nlibreport-web-devel\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2015:1083", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-06-15T19:59:49", "type": "centos", "title": "abrt, libreport security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1869", "CVE-2015-1870", "CVE-2015-3142", "CVE-2015-3147", "CVE-2015-3150", "CVE-2015-3151", "CVE-2015-3159", "CVE-2015-3315"], "modified": "2015-06-15T19:59:49", "id": "CESA-2015:1083", "href": "https://lists.centos.org/pipermail/centos-announce/2015-June/070645.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2021-05-13T09:23:48", "description": "abrt\n[2.1.11-22.0.1]\n- Drop libreport-rhel and libreport-plugin-rhtsupport requires\n[2.1.11-22]\n- do not open the build_ids file as the user abrt\n- do not unlink failed and big user core files\n- Related: #1212819, #1216973\n[2.1.11-21]\n- validate all D-Bus method arguments\n- Related: #1214610\n[2.1.11-20]\n- remove the old dump directories during upgrade\n- abrt-action-install-debuginfo-to-abrt-cache: sanitize arguments and umask\n- fix race conditions and directory traversal issues in abrt-dbus\n- use /var/spool/abrt instead of /var/tmp/abrt\n- make the problem directories owned by root and the group abrt\n- validate uploaded problem directories in abrt-handle-upload\n- don't override files with user core dump files\n- fix symbolic link and race condition flaws\n- Resolves: #1211969, #1212819, #1212863, #1212869\n- Resolves: #1214453, #1214610, #1216973, #1218583\nlibreport\n[2.1.11-23.0.1]\n- Update workflow xml for Oracle [18945470]\n- Add oracle-enterprise.patch and oracle-enterprise-po.patch\n- Remove libreport-plugin-rhtsupport and libreport-rhel\n- Added orabug20390725.patch to remove redhat reference [bug 20390725]\n- Added Bug20357383.patch to remove redhat reference [bug 20357383]\n[2.1.11-23]\n- do not open files outside a dump directory\n- Related: #1217484\n[2.1.11-22]\n- switch the default dump dir mode to 0750\n- harden against directory traversal, crafted symbolic links\n- avoid race-conditions in dump dir opening\n- Resolves: #1212096, #1217499, #1218610, #1217484", "cvss3": {}, "published": "2015-06-09T00:00:00", "type": "oraclelinux", "title": "abrt security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2015-1869", "CVE-2015-1870", "CVE-2015-3142", "CVE-2015-3147", "CVE-2015-3150", "CVE-2015-3151", "CVE-2015-3159", "CVE-2015-3315"], "modified": "2015-06-09T00:00:00", "id": "ELSA-2015-1083", "href": "http://linux.oracle.com/errata/ELSA-2015-1083.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2021-10-21T04:45:48", "description": "ABRT (Automatic Bug Reporting Tool) is a tool to help users to detect\ndefects in applications and to create a bug report with all the information\nneeded by a maintainer to fix it. It uses a plug-in system to extend its\nfunctionality. \n\nIt was found that ABRT was vulnerable to multiple race condition and \nsymbolic link flaws. A local attacker could use these flaws to potentially \nescalate their privileges on the system. (CVE-2015-3315)\n\nIt was discovered that the kernel-invoked coredump processor provided by \nABRT wrote core dumps to files owned by other system users. This could \nresult in information disclosure if an application crashed while its \ncurrent directory was a directory writable to by other users (such as \n/tmp). (CVE-2015-3142)\n\nIt was discovered that the default event handling scripts installed by ABRT \ndid not handle symbolic links correctly. A local attacker with write access \nto an ABRT problem directory could use this flaw to escalate their \nprivileges. (CVE-2015-1869)\n\nIt was found that the ABRT event scripts created a user-readable copy of an \nsosreport file in ABRT problem directories, and included excerpts of \n/var/log/messages selected by the user-controlled process name, leading to \nan information disclosure. (CVE-2015-1870)\n\nIt was discovered that, when moving problem reports between certain \ndirectories, abrt-handle-upload did not verify that the new problem \ndirectory had appropriate permissions and did not contain symbolic links. \nAn attacker able to create a crafted problem report could use this flaw to \nexpose other parts of ABRT to attack, or to overwrite arbitrary files on\nthe system. (CVE-2015-3147)\n\nMultiple directory traversal flaws were found in the abrt-dbus D-Bus \nservice. A local attacker could use these flaws to read and write arbitrary \nfiles as the root user. (CVE-2015-3151)\n\nIt was discovered that the abrt-dbus D-Bus service did not properly check \nthe validity of the problem directory argument in the ChownProblemDir, \nDeleteElement, and DeleteProblem methods. A local attacker could use this \nflaw to take ownership of arbitrary files and directories, or to delete\nfiles and directories as the root user. (CVE-2015-3150)\n\nIt was discovered that the abrt-action-install-debuginfo-to-abrt-cache \nhelper program did not properly filter the process environment before \ninvoking abrt-action-install-debuginfo. A local attacker could use this \nflaw to escalate their privileges on the system. (CVE-2015-3159)\n\nAll users of abrt are advised to upgrade to these updated packages, which \ncorrect these issues.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2015-06-09T00:00:00", "type": "redhat", "title": "(RHSA-2015:1083) Important: abrt security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1869", "CVE-2015-1870", "CVE-2015-3142", "CVE-2015-3147", "CVE-2015-3150", "CVE-2015-3151", "CVE-2015-3159", "CVE-2015-3315"], "modified": "2018-04-11T23:32:41", "id": "RHSA-2015:1083", "href": "https://access.redhat.com/errata/RHSA-2015:1083", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}]}
CVE-2015-3151
