abrt (Centos 7.1 / Fedora 22) - Local Privilege Escalation

!/usr/bin/python CVE-2015-5273 + CVE-2015-5287 CENTOS 7.1/Fedora22 local root probably works on SL and older versions too abrt-hook-ccpp insecure open usage + abrt-action-install-debuginfo insecure temp directory usage rebel 09/2015 ---------------------------------------- user@localhost $ id...

abrt (Centos 7.1 Fedora 22) - Local Privilege Escalation

abrt Centos 7.1 Fedora 22 - Local Privilege Escalation !/usr/bin/python CVE-2015-5273 + CVE-2015-5287 CENTOS 7.1/Fedora22 local root probably works on SL and older versions too abrt-hook-ccpp insecure open usage + abrt-action-install-debuginfo insecure temp directory usage rebel 09/2015...

ABRT abrt-action-install-debuginfo-to-abrt-cache local elevation of privilege vulnerability

ABRT is an automated bug reporting tool. ABRT abrt-action-install-debuginfo-to-abrt-cache handles environment variables with vulnerabilities that allow local attackers to exploit exploits for elevation of privilege...

abrt: Race condition in abrt-action-install-debuginfo

abrt-action-install-debuginfo in Automatic Bug Reporting Tool ABRT 2.0.9 and earlier allows local users to set world-writable permissions for arbitrary files and possibly gain privileges via a symlink attack on "the directories used to store information about crashes."...