Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2015-5287
HistoryDec 07, 2015 - 6:59 p.m.

CVE-2015-5287

2015-12-0718:59:02
CWE-59
[email protected]
web.nvd.nist.gov
94
abrt
bug reporting tool
privilege escalation
symlink attack
cve-2015-5287
nvd

6.3 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

38.7%

JSON

The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump.

Affected configurations

NVD
Node
redhatautomatic_bug_reporting_toolRange2.7.0
Node
redhatenterprise_linux_desktopMatch7.0
OR
redhatenterprise_linux_hpc_nodeMatch7.0
OR
redhatenterprise_linux_serverMatch7.0
OR
redhatenterprise_linux_workstationMatch7.0

Related

cvelist 1
saint 4
metasploit 1
nvd 1
packetstorm 3
zdt 3
exploitpack 2
prion 1
exploitdb 3
fedora 1
nessus 5
redhat 1
oraclelinux 1
centos 1
openvas 2
cvelist
cvelist
CVE-2015-5287
2015-12-07 18:00:00
saint
saint
ABRT/sosreport privilege elevation
2015-12-14 00:00:00
ABRT/sosreport privilege elevation
2015-12-14 00:00:00
ABRT/sosreport privilege elevation
2015-12-14 00:00:00
metasploit
metasploit
ABRT sosreport Privilege Escalation
2019-04-20 11:48:52
nvd
nvd
CVE-2015-5287
2015-12-07 18:59:02
packetstorm
packetstorm
RHEL 7.0 / 7.1 abrt / sosreport Local Root
2015-12-01 00:00:00
ABRT sosreport Privilege Escalation
2019-09-24 00:00:00
CentOS 7.1 / Fedora 22 abrt Local Root
2015-12-01 00:00:00
zdt
zdt
RHEL 7.0/7.1 - abrt/sosreport Local Root Exploit
2015-12-01 00:00:00
ABRT - sosreport Privilege Escalation Exploit
2019-09-26 00:00:00
Centos 7.1 / Fedora 22 - abrt Local Root Exploit
2015-12-01 00:00:00
exploitpack
exploitpack
RHEL 7.07.1 - abrtsosreport Local Privilege Escalation
2015-12-01 00:00:00
abrt (Centos 7.1 Fedora 22) - Local Privilege Escalation
2015-12-01 00:00:00
prion
prion
Code injection
2015-12-07 18:59:00
exploitdb
exploitdb
ABRT - sosreport Privilege Escalation (Metasploit)
2019-09-25 00:00:00
RHEL 7.0/7.1 - 'abrt/sosreport' Local Privilege Escalation
2015-12-01 00:00:00
abrt (Centos 7.1 / Fedora 22) - Local Privilege Escalation
2015-12-01 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: abrt-2.7.1-1.fc23
2015-11-28 20:23:31
nessus
nessus
Fedora 23 : abrt-2.7.1-1.fc23 (2015-79c1758468)
2016-03-04 00:00:00
Oracle Linux 7 : abrt / and / libreport (ELSA-2015-2505)
2015-11-30 00:00:00
RHEL 7 : abrt and libreport (RHSA-2015:2505)
2015-11-24 00:00:00
redhat
redhat
(RHSA-2015:2505) Moderate: abrt and libreport security update
2015-11-23 10:17:59
oraclelinux
oraclelinux
abrt and libreport security update
2015-11-25 00:00:00
centos
centos
abrt, libreport security update
2015-12-01 18:46:19
openvas
openvas
RedHat Update for abrt and libreport RHSA-2015:2505-01
2015-11-24 00:00:00
Oracle: Security Advisory (ELSA-2015-2505)
2015-11-27 00:00:00

6.3 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

38.7%

JSON
Related for CVE-2015-5287
cvelist1saint4metasploit1nvd1packetstorm3zdt3exploitpack2prion1exploitdb3fedora1nessus5redhat1oraclelinux1centos1openvas2