Lucene search
K

301 matches found

Prion
Prion
added 2020/01/14 6:15 p.m.20 views

Directory traversal

Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool ABRT allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the 1 NewProblem, 2 GetInfo, 3 SetElement, or 4 DeleteElement method...

7.2CVSS6.7AI score0.0056EPSS
Exploits0References6
CVE
CVE
added 2020/01/14 6:0 p.m.76 views

CVE-2015-3159

CVE-2015-3159 affects ABRT (Automatic Bug Reporting Tool) specifically the abrt-action-install-debuginfo-to-abrt-cache component. The root cause is improper handling of the process environment before invoking abrt-action-install-debuginfo, enabling local privilege elevation. Vulnerable platforms ...

7.8CVSS5.7AI score0.00388EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2020/01/14 6:0 p.m.13 views

CVE-2015-3159

The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool ABRT does not properly handle the process environment before invoking abrt-action-install-debuginfo, which allows local users to gain privileges...

7.5AI score0.00388EPSS
Exploits0References3
CVE
CVE
added 2020/01/14 5:47 p.m.71 views

CVE-2015-3151

Technical details (affected product, root cause, impact, or fix) for CVE-2015-3151 are not publicly provided in the supplied documents. Monitor for updates.

7.8CVSS7.2AI score0.0056EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2020/01/14 5:47 p.m.26 views

CVE-2015-3151

Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool ABRT allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the 1 NewProblem, 2 GetInfo, 3 SetElement, or 4 DeleteElement method...

7.3AI score0.0056EPSS
Exploits0References6
Cvelist
Cvelist
added 2020/01/14 5:34 p.m.31 views

CVE-2015-3150

abrt-dbus in Automatic Bug Reporting Tool ABRT allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the 1 ChownProblemDir, 2 DeleteElement, or 3 DeleteProblem method...

7AI score0.00398EPSS
Exploits0References5
CVE
CVE
added 2020/01/14 5:34 p.m.82 views

CVE-2015-3150

CVE-2015-3150 affects abrt-dbus in Automatic Bug Reporting Tool (ABRT). Local attackers could delete or change ownership of arbitrary files via the problem directory argument to ChownProblemDir, DeleteElement, or DeleteProblem, indicating a local-privilege and data-integrity impact (C, I) without...

7.2CVSS6.8AI score0.00398EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2020/01/14 5:31 p.m.23 views

CVE-2015-3147

daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool ABRT, when moving problem reports from /var/spool/abrt-upload, allows local users to write to arbitrary files or possibly have other unspecified impact via a symlink attack on 1 /var/spool/abrt or 2 /var/tmp/abrt...

7AI score0.01066EPSS
Exploits0References5
Cvelist
Cvelist
added 2020/01/14 5:31 p.m.19 views

CVE-2015-1869

The default event handling scripts in Automatic Bug Reporting Tool ABRT allow local users to gain privileges as demonstrated by a symlink attack on a varlogmessages file...

7.5AI score0.00411EPSS
Exploits0References4
CVE
CVE
added 2020/01/14 5:31 p.m.87 views

CVE-2015-1869

CVE-2015-1869 affects the Automatic Bug Reporting Tool (ABRT) and is exploitable locally to gain privileges via a symlink attack on ABRT’s logging path (var_log_messages). Connected documents confirm this vulnerability is acknowledged in multiple advisories and vendor bulletins (e.g., Red Hat RHS...

7.8CVSS5.6AI score0.00411EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2019/11/05 5:51 p.m.10 views

ALBA-2019:3487 abrt-java-connector bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0References1
AlmaLinux
AlmaLinux
added 2019/11/05 5:51 p.m.11 views

abrt-java-connector bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

1.6AI score
Exploits0References1
Rockylinux
Rockylinux
added 2019/11/05 5:51 p.m.13 views

abrt-java-connector bug fix and enhancement update

An update is available for abrt-java-connector. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rock...

2AI score
Exploits0
Rockylinux
Rockylinux
added 2019/11/05 5:34 p.m.11 views

rhn-tools:1.0 bug fix and enhancement update

An update is available for osad, spacewalk-abrt, rhn-custom-info, rhncfg, spacewalk-koan, spacewalk-oscap, spacewalk-backend, rhn-virtualization, spacewalk-usix, rhnpush, spacewalk-client-cert, cobbler, spacewalk-remote-utils. This update affects Rocky Linux 8. A Common Vulnerability Scoring Syst...

1.5AI score
Exploits0
0day.today
0day.today
added 2019/09/26 12:0 a.m.71 views

ABRT - sosreport Privilege Escalation Exploit

This Metasploit module attempts to gain root privileges on RHEL systems with a vulnerable version of Automatic Bug Reporting Tool ABRT configured as the crash handler. sosreport uses an insecure temporary directory, allowing local users to write to arbitrary files CVE-2015-5287. This module has...

6.9CVSS0.03268EPSS
Exploits17
Exploit DB
Exploit DB
added 2019/09/25 12:0 a.m.236 views

ABRT - sosreport Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ABRT sosreport Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on RHEL systems with a vulnerable version o...

6.9CVSS7AI score0.03268EPSS
Exploits17
Packet Storm
Packet Storm
added 2019/09/24 12:0 a.m.334 views

ABRT sosreport Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ABRT sosreport Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on RHEL systems with a vulnerable version o...

6.9CVSS0.2AI score0.03268EPSS
Exploits17
Veracode
Veracode
added 2019/05/02 5:40 a.m.6 views

Arbitrary File Upload

ABRT Automatic Bug Reporting Tool is vulnerable to arbitrary file upload. There is a flaw in moving problem reports between certain directories as abrt-handle-upload fails to verify that a new problem directory has appropriate permissions and did not contain symbolic links. A malicious problem...

6.5CVSS6.6AI score0.01066EPSS
Exploits0References10Affected Software2
Veracode
Veracode
added 2019/05/02 5:40 a.m.13 views

Privilege Escalation

ABRT Automatic Bug Reporting Tool is vulnerable to privilege escalation. The attack is possible because abrt-action-install-debuginfo-to-abrt-cache helper program does not filter the process environment before invoking abrt-action-install-debuginfo, allowing a local attacker escalate their...

7.8CVSS6AI score0.00388EPSS
Exploits0References8Affected Software2
Veracode
Veracode
added 2019/05/02 5:40 a.m.24 views

Sensitive Information Leakage

ABRT Automatic Bug Reporting Tool is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. It was found that ABRT was vulnerable to multiple race condition...

7.8CVSS6.1AI score0.04776EPSS
Exploits4References10Affected Software2
Rows per page
Query Builder