Lucene search
K

302 matches found

Veracode
Veracode
added 2019/05/02 5:40 a.m.33 views

Symlink Attack

ABRT Automatic Bug Reporting Tool is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. It was found that ABRT was vulnerable to multiple race condition...

7.8CVSS6.1AI score0.04776EPSS
Exploits4References13Affected Software2
Veracode
Veracode
added 2019/05/02 5:40 a.m.26 views

Sensitive Information Leakage

ABRT Automatic Bug Reporting Tool is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. It was found that ABRT was vulnerable to multiple race condition...

7.8CVSS6.1AI score0.04776EPSS
Exploits4References12Affected Software2
Veracode
Veracode
added 2019/05/02 5:40 a.m.7 views

Arbitrary File Upload

ABRT Automatic Bug Reporting Tool is vulnerable to arbitrary file upload. There is a flaw in moving problem reports between certain directories as abrt-handle-upload fails to verify that a new problem directory has appropriate permissions and did not contain symbolic links. A malicious problem...

6.5CVSS6.6AI score0.01066EPSS
Exploits0References10Affected Software2
Veracode
Veracode
added 2019/05/02 4:52 a.m.18 views

Privilege Escalation

ABRT Automatic Bug Reporting Tool is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in...

6.9CVSS5.6AI score0.00446EPSS
Exploits2References7Affected Software2
Veracode
Veracode
added 2019/05/02 4:41 a.m.28 views

Information Disclosure

ABRT Automatic Bug Reporting Tool is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in...

7.5CVSS7AI score0.01616EPSS
Exploits1References27Affected Software4
Metasploit
Metasploit
added 2019/04/20 11:48 a.m.84 views

ABRT sosreport Privilege Escalation

This module attempts to gain root privileges on RHEL systems with a vulnerable version of Automatic Bug Reporting Tool ABRT configured as the crash handler. sosreport uses an insecure temporary directory, allowing local users to write to arbitrary files CVE-2015-5287. This module uses a symlink...

6.9CVSS6.6AI score0.03268EPSS
Exploits17
Tenable Nessus
Tenable Nessus
added 2019/04/08 12:0 a.m.34 views

Fedora 29 : poppler (2019-d04944813d)

Security fix for CVE-2018-20662, CVE-2019-9631 and CVE-2019-9200. One additional fix for crash detected by ABRT. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format...

9.8CVSS6.8AI score0.03518EPSS
Exploits1References4
Veracode
Veracode
added 2019/01/15 9:6 a.m.25 views

Privilege Escalation

ABRT is vulnerable to privilege escalation. It was discovered that the default event handling scripts installed by ABRT did not handle symbolic links correctly. A local attacker with write access to an ABRT problem directory could use this flaw to escalate their privileges...

7.8CVSS6AI score0.00411EPSS
Exploits0References9Affected Software2
Veracode
Veracode
added 2019/01/15 8:55 a.m.16 views

Arbitrary Code Execution

abrt is vulnerable to arbitrary code execution. The /usr/libexec/abrt-action-install-debuginfo-to-abrt-cache tool does not sufficiently sanitize its environment variables, allowing arbitrary Python modules to be loaded and run from non-standard directories such as /tmp. A local attacker is able t...

3.7CVSS6.9AI score0.00446EPSS
Exploits1References5Affected Software2
Veracode
Veracode
added 2019/01/15 8:52 a.m.25 views

Information Disclosure

abrt is vulnerable to information disclosure. The application would send confidential information such as usernames and passwords when reporting on crashes...

7.5CVSS7AI score0.01616EPSS
Exploits0References25Affected Software4
Prion
Prion
added 2018/05/01 7:29 p.m.23 views

Design/Logic Flaw

Automatic Bug Reporting Tool ABRT before 2.1.6 allows local users to obtain sensitive information about arbitrary files via vectors related to sha1sums...

2.1CVSS6.4AI score0.00308EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/05/01 7:29 p.m.14 views

CVE-2013-4209

Automatic Bug Reporting Tool ABRT before 2.1.6 allows local users to obtain sensitive information about arbitrary files via vectors related to sha1sums...

3.3CVSS3.6AI score0.00308EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/05/01 7:0 p.m.16 views

CVE-2013-4209

Automatic Bug Reporting Tool ABRT before 2.1.6 allows local users to obtain sensitive information about arbitrary files via vectors related to sha1sums...

3.6AI score0.00308EPSS
Exploits0References1
CVE
CVE
added 2018/05/01 7:0 p.m.46 views

CVE-2013-4209

The CVE-2013-4209 entry concerns Red Hat ABRT (Automatic Bug Reporting Tool) before 2.1.6. The vulnerability allows a local attacker to obtain sensitive information from arbitrary files via vectors related to sha1sums, resulting in a partial confidentiality impact. Affected software: ABRT prior t...

3.3CVSS3.7AI score0.00308EPSS
Exploits0References1Affected Software1
0day.today
0day.today
added 2018/02/17 12:0 a.m.81 views

ABRT - raceabrt Privilege Escalation Exploit

Exploit for linux platform in category local exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ABRT raceabrt Privilege Escalation', 'Description' = %q This module attempts to gain root...

7.2CVSS0.3AI score0.04776EPSS
Exploits14
Exploit DB
Exploit DB
added 2018/02/16 12:0 a.m.89 views

ABRT - 'raceabrt' Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ABRT raceabrt Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on Fedora systems with a vulnerable version ...

7.8CVSS6.4AI score0.04776EPSS
Exploits4
Packet Storm
Packet Storm
added 2018/02/15 12:0 a.m.149 views

ABRT raceabrt Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ABRT raceabrt Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on Fedora systems with a vulnerable version ...

7.2CVSS6.3AI score0.04776EPSS
Exploits14
NVD
NVD
added 2018/02/09 10:29 p.m.21 views

CVE-2015-1862

The crash reporting feature in Abrt allows local users to gain privileges by leveraging an execve by root after a chroot into a user-specified directory in a namedspaced environment...

7CVSS6.8AI score0.03081EPSS
Exploits13References10
Prion
Prion
added 2018/02/09 10:29 p.m.17 views

Security feature bypass

The crash reporting feature in Abrt allows local users to gain privileges by leveraging an execve by root after a chroot into a user-specified directory in a namedspaced environment...

6.9CVSS6.9AI score0.03081EPSS
Exploits13References10Affected Software1
Cvelist
Cvelist
added 2018/02/09 10:0 p.m.32 views

CVE-2015-1862

The crash reporting feature in Abrt allows local users to gain privileges by leveraging an execve by root after a chroot into a user-specified directory in a namedspaced environment...

6.9AI score0.03081EPSS
Exploits13References10
Rows per page
Query Builder