Lucene search
+L

302 matches found

Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.21 views

Fedora 23 : abrt-2.7.0-2.fc23 / libreport-2.6.3-1.fc23 (2015-cc585b503f)

Security fix for CVE-2015-5302 abrt-2.7.0-2.fc23 - Fix broken problem details in abrt-cli/gnome-abrt abrt-2.7.0-1.fc23 - cli-ng: initial - bodhi: introduce wrapper for 'reporter-bugzilla -h' and 'abrt-bodhi' - handle-event: remove obsolete workaround - remove 'not needed' code - doc: change...

5CVSS5.6AI score0.02823EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.30 views

Fedora 23 : abrt-2.7.1-1.fc23 (2015-79c1758468)

CVE-2015-5287: ignore crashes of abrt tools if DebugLevel = 0 - CVE-2015-5273: create own random temporary directory - make crashes of processes with locked memory not-reportable - detect xorg backtraces from journald - fix the coredumpctl integration tool Note that Tenable Network Security has...

6.9CVSS5.3AI score0.03268EPSS
Exploits18References3
Tenable Nessus
Tenable Nessus
added 2015/12/22 12:0 a.m.41 views

Scientific Linux Security Update : abrt and libreport on SL7.x x86_64 (20151123)

It was found that the ABRT debug information installer abrt-action- install-debuginfo-to-abrt-cache did not use temporary directories in a secure way. A local attacker could use the flaw to create symbolic links and files at arbitrary locations as the abrt user. CVE-2015-5273 It was discovered th...

6.9CVSS5.7AI score0.03268EPSS
Exploits18References4
Saint
Saint
added 2015/12/14 12:0 a.m.50 views

ABRT/sosreport privilege elevation

Added: 12/14/2015 CVE: CVE-2015-5287 Background The Automatic Bug Reporting Tool ABRT is an application that runs as a daemon on some Linux systems. ABRT collects relevant crash data when another application crashes and can report it to a relevant issue tracker for analysis. After saving some...

6.9CVSS6.4AI score0.03268EPSS
Exploits17
Saint
Saint
added 2015/12/14 12:0 a.m.32 views

ABRT/sosreport privilege elevation

Added: 12/14/2015 CVE: CVE-2015-5287 Background The Automatic Bug Reporting Tool ABRT is an application that runs as a daemon on some Linux systems. ABRT collects relevant crash data when another application crashes and can report it to a relevant issue tracker for analysis. After saving some...

6.9CVSS6.4AI score0.03268EPSS
Exploits17
Saint
Saint
added 2015/12/14 12:0 a.m.109 views

ABRT/sosreport privilege elevation

Added: 12/14/2015 CVE: CVE-2015-5287 Background The Automatic Bug Reporting Tool ABRT is an application that runs as a daemon on some Linux systems. ABRT collects relevant crash data when another application crashes and can report it to a relevant issue tracker for analysis. After saving some...

6.9CVSS6.4AI score0.03268EPSS
Exploits17
Saint
Saint
added 2015/12/14 12:0 a.m.29 views

ABRT/sosreport privilege elevation

Added: 12/14/2015 CVE: CVE-2015-5287 Background The Automatic Bug Reporting Tool ABRT is an application that runs as a daemon on some Linux systems. ABRT collects relevant crash data when another application crashes and can report it to a relevant issue tracker for analysis. After saving some...

6.9CVSS6.4AI score0.03268EPSS
Exploits17
NVD
NVD
added 2015/12/07 6:59 p.m.19 views

CVE-2015-5287

The abrt-hook-ccpp help program in Automatic Bug Reporting Tool ABRT before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump...

6.9CVSS6.3AI score0.03268EPSS
Exploits17References8
Prion
Prion
added 2015/12/07 6:59 p.m.18 views

Code injection

The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool ABRT before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name in /var/tmp...

3.6CVSS6.7AI score0.00901EPSS
Exploits5References7Affected Software5
NVD
NVD
added 2015/12/07 6:59 p.m.16 views

CVE-2015-5273

The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool ABRT before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name in /var/tmp...

3.6CVSS6.1AI score0.00901EPSS
Exploits5References7
Prion
Prion
added 2015/12/07 6:59 p.m.16 views

Code injection

The abrt-hook-ccpp help program in Automatic Bug Reporting Tool ABRT before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump...

6.9CVSS6.8AI score0.03268EPSS
Exploits17References8Affected Software5
Cvelist
Cvelist
added 2015/12/07 6:0 p.m.24 views

CVE-2015-5273

The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool ABRT before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name in /var/tmp...

6AI score0.00901EPSS
Exploits5References7
Cvelist
Cvelist
added 2015/12/07 6:0 p.m.21 views

CVE-2015-5287

The abrt-hook-ccpp help program in Automatic Bug Reporting Tool ABRT before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump...

6.1AI score0.03268EPSS
Exploits17References8
CVE
CVE
added 2015/12/07 6:0 p.m.98 views

CVE-2015-5273

CVE-2015-5273 affects ABRT and libreport: the abrt-action-install-debuginfo-to-abrt-cache helper allows a local attacker to write arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name in /var/tmp. Public advisories (RHSA/CESA) and distributed sec...

3.6CVSS6.1AI score0.00901EPSS
Exploits5References7Affected Software1
CVE
CVE
added 2015/12/07 6:0 p.m.154 views

CVE-2015-5287

CVE-2015-5287 affects ABRT’s abrt-hook-ccpp prior to 2.7.1, enabling a local user with certain permissions to gain privileges via a symlink attack on a file with a predictable name (e.g., /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump). Publicly documented exploit paths incl...

6.9CVSS6.3AI score0.03268EPSS
Exploits17References8Affected Software1
OpenVAS
OpenVAS
added 2015/12/03 12:0 a.m.18 views

CentOS Update for libreport CESA-2015:2504 centos6

Check the version of libreport SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882332";...

5CVSS5.1AI score0.02823EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/12/03 12:0 a.m.29 views

CentOS 6 : libreport (CESA-2015:2504)

Updated libreport packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

5CVSS5.5AI score0.02823EPSS
Exploits0References2
Cent OS
Cent OS
added 2015/12/02 1:52 p.m.66 views

libreport security update

CentOS Errata and Security Advisory CESA-2015:2504 Updated libreport packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, whi...

5CVSS5.8AI score0.02823EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2015/12/02 12:0 a.m.30 views

CentOS 7 : abrt / libreport (CESA-2015:2505)

Updated abrt and libreport packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

6.9CVSS5.8AI score0.03268EPSS
Exploits18References5
Cent OS
Cent OS
added 2015/12/01 6:46 p.m.65 views

abrt, libreport security update

CentOS Errata and Security Advisory CESA-2015:2505 Updated abrt and libreport packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...

6.9CVSS5.9AI score0.03268EPSS
Exploits18References7
Rows per page
Query Builder