301 matches found
Directory traversal
Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool ABRT allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the 1 NewProblem, 2 GetInfo, 3 SetElement, or 4 DeleteElement method...
CVE-2015-3159
CVE-2015-3159 affects ABRT (Automatic Bug Reporting Tool) specifically the abrt-action-install-debuginfo-to-abrt-cache component. The root cause is improper handling of the process environment before invoking abrt-action-install-debuginfo, enabling local privilege elevation. Vulnerable platforms ...
CVE-2015-3159
The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool ABRT does not properly handle the process environment before invoking abrt-action-install-debuginfo, which allows local users to gain privileges...
CVE-2015-3151
Technical details (affected product, root cause, impact, or fix) for CVE-2015-3151 are not publicly provided in the supplied documents. Monitor for updates.
CVE-2015-3151
Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool ABRT allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the 1 NewProblem, 2 GetInfo, 3 SetElement, or 4 DeleteElement method...
CVE-2015-3150
abrt-dbus in Automatic Bug Reporting Tool ABRT allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the 1 ChownProblemDir, 2 DeleteElement, or 3 DeleteProblem method...
CVE-2015-3150
CVE-2015-3150 affects abrt-dbus in Automatic Bug Reporting Tool (ABRT). Local attackers could delete or change ownership of arbitrary files via the problem directory argument to ChownProblemDir, DeleteElement, or DeleteProblem, indicating a local-privilege and data-integrity impact (C, I) without...
CVE-2015-3147
daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool ABRT, when moving problem reports from /var/spool/abrt-upload, allows local users to write to arbitrary files or possibly have other unspecified impact via a symlink attack on 1 /var/spool/abrt or 2 /var/tmp/abrt...
CVE-2015-1869
The default event handling scripts in Automatic Bug Reporting Tool ABRT allow local users to gain privileges as demonstrated by a symlink attack on a varlogmessages file...
CVE-2015-1869
CVE-2015-1869 affects the Automatic Bug Reporting Tool (ABRT) and is exploitable locally to gain privileges via a symlink attack on ABRT’s logging path (var_log_messages). Connected documents confirm this vulnerability is acknowledged in multiple advisories and vendor bulletins (e.g., Red Hat RHS...
ALBA-2019:3487 abrt-java-connector bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
abrt-java-connector bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
abrt-java-connector bug fix and enhancement update
An update is available for abrt-java-connector. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rock...
rhn-tools:1.0 bug fix and enhancement update
An update is available for osad, spacewalk-abrt, rhn-custom-info, rhncfg, spacewalk-koan, spacewalk-oscap, spacewalk-backend, rhn-virtualization, spacewalk-usix, rhnpush, spacewalk-client-cert, cobbler, spacewalk-remote-utils. This update affects Rocky Linux 8. A Common Vulnerability Scoring Syst...
ABRT - sosreport Privilege Escalation Exploit
This Metasploit module attempts to gain root privileges on RHEL systems with a vulnerable version of Automatic Bug Reporting Tool ABRT configured as the crash handler. sosreport uses an insecure temporary directory, allowing local users to write to arbitrary files CVE-2015-5287. This module has...
ABRT - sosreport Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ABRT sosreport Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on RHEL systems with a vulnerable version o...
ABRT sosreport Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ABRT sosreport Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on RHEL systems with a vulnerable version o...
Arbitrary File Upload
ABRT Automatic Bug Reporting Tool is vulnerable to arbitrary file upload. There is a flaw in moving problem reports between certain directories as abrt-handle-upload fails to verify that a new problem directory has appropriate permissions and did not contain symbolic links. A malicious problem...
Privilege Escalation
ABRT Automatic Bug Reporting Tool is vulnerable to privilege escalation. The attack is possible because abrt-action-install-debuginfo-to-abrt-cache helper program does not filter the process environment before invoking abrt-action-install-debuginfo, allowing a local attacker escalate their...
Sensitive Information Leakage
ABRT Automatic Bug Reporting Tool is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. It was found that ABRT was vulnerable to multiple race condition...