Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:730C456FA978CA1884FDB919B7B76A27
HistoryDec 14, 2015 - 12:00 a.m.

ABRT/sosreport privilege elevation

2015-12-1400:00:00
SAINT Corporation
www.saintcorporation.com
14

0.001 Low

EPSS

Percentile

38.9%

JSON

Added: 12/14/2015
CVE: CVE-2015-5287

Background

The Automatic Bug Reporting Tool (ABRT) is an application that runs as a daemon on some Linux systems. ABRT collects relevant crash data when another application crashes and can report it to a relevant issue tracker for analysis. After saving some initial diagnostic information, the **sosreport** script is called by ABRT on Red Hat Enterprise Linux (RHEL).

Problem

When **/etc/abrt/abrt.conf** is configured to turn off **PrivateReports**, the default setting in RHEL 7 and 7.1, the diagnostic files and directories created by ABRT can be manipulated to cause **/usr/sbin/sosreport** to write a file with crafted data at an arbitrary location as root.

Resolution

Apply the appropriate patch referenced in Red Hat Security Advisory RHSA-2015-2505-1.

References

<https://www.exploit-db.com/exploits/38832/&gt;
<http://www.openwall.com/lists/oss-security/2015/12/01/1&gt;

Limitations

Exploit works on default installations of Red Hat Enterprise Linux (RHEL) 7 and 7.1. Exploit may also work on RHEL 6 if the system administrator has commented out the line “PrivateReports = yes” or set it to “no” in abrt.conf.

Platforms

Linux

Related

cvelist 1
saint 3
zdt 3
packetstorm 3
exploitpack 2
metasploit 1
nvd 1
cve 1
prion 1
exploitdb 3
fedora 1
nessus 5
oraclelinux 1
centos 1
redhat 1
openvas 2
cvelist
cvelist
CVE-2015-5287
2015-12-07 18:00:00
saint
saint
ABRT/sosreport privilege elevation
2015-12-14 00:00:00
ABRT/sosreport privilege elevation
2015-12-14 00:00:00
ABRT/sosreport privilege elevation
2015-12-14 00:00:00
zdt
zdt
RHEL 7.0/7.1 - abrt/sosreport Local Root Exploit
2015-12-01 00:00:00
ABRT - sosreport Privilege Escalation Exploit
2019-09-26 00:00:00
Centos 7.1 / Fedora 22 - abrt Local Root Exploit
2015-12-01 00:00:00
packetstorm
packetstorm
RHEL 7.0 / 7.1 abrt / sosreport Local Root
2015-12-01 00:00:00
ABRT sosreport Privilege Escalation
2019-09-24 00:00:00
CentOS 7.1 / Fedora 22 abrt Local Root
2015-12-01 00:00:00
exploitpack
exploitpack
RHEL 7.07.1 - abrtsosreport Local Privilege Escalation
2015-12-01 00:00:00
abrt (Centos 7.1 Fedora 22) - Local Privilege Escalation
2015-12-01 00:00:00
metasploit
metasploit
ABRT sosreport Privilege Escalation
2019-04-20 11:48:52
nvd
nvd
CVE-2015-5287
2015-12-07 18:59:02
cve
cve
CVE-2015-5287
2015-12-07 18:59:02
prion
prion
Code injection
2015-12-07 18:59:00
exploitdb
exploitdb
ABRT - sosreport Privilege Escalation (Metasploit)
2019-09-25 00:00:00
RHEL 7.0/7.1 - &#039;abrt/sosreport&#039; Local Privilege Escalation
2015-12-01 00:00:00
abrt (Centos 7.1 / Fedora 22) - Local Privilege Escalation
2015-12-01 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: abrt-2.7.1-1.fc23
2015-11-28 20:23:31
nessus
nessus
Fedora 23 : abrt-2.7.1-1.fc23 (2015-79c1758468)
2016-03-04 00:00:00
RHEL 7 : abrt and libreport (RHSA-2015:2505)
2015-11-24 00:00:00
Oracle Linux 7 : abrt / and / libreport (ELSA-2015-2505)
2015-11-30 00:00:00
oraclelinux
oraclelinux
abrt and libreport security update
2015-11-25 00:00:00
centos
centos
abrt, libreport security update
2015-12-01 18:46:19
redhat
redhat
(RHSA-2015:2505) Moderate: abrt and libreport security update
2015-11-23 10:17:59
openvas
openvas
RedHat Update for abrt and libreport RHSA-2015:2505-01
2015-11-24 00:00:00
Oracle: Security Advisory (ELSA-2015-2505)
2015-11-27 00:00:00

0.001 Low

EPSS

Percentile

38.9%

JSON
Related for SAINT:730C456FA978CA1884FDB919B7B76A27
cvelist1saint3zdt3packetstorm3exploitpack2metasploit1nvd1cve1prion1exploitdb3fedora1nessus5oraclelinux1centos1redhat1openvas2