12 matches found
Fedora 23 : abrt-2.7.1-1.fc23 (2015-79c1758468)
CVE-2015-5287: ignore crashes of abrt tools if DebugLevel = 0 - CVE-2015-5273: create own random temporary directory - make crashes of processes with locked memory not-reportable - detect xorg backtraces from journald - fix the coredumpctl integration tool Note that Tenable Network Security has...
Scientific Linux Security Update : abrt and libreport on SL7.x x86_64 (20151123)
It was found that the ABRT debug information installer abrt-action- install-debuginfo-to-abrt-cache did not use temporary directories in a secure way. A local attacker could use the flaw to create symbolic links and files at arbitrary locations as the abrt user. CVE-2015-5273 It was discovered th...
CVE-2015-5273
CVE-2015-5273 affects ABRT and libreport: the abrt-action-install-debuginfo-to-abrt-cache helper allows a local attacker to write arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name in /var/tmp. Public advisories (RHSA/CESA) and distributed sec...
CentOS 7 : abrt / libreport (CESA-2015:2505)
Updated abrt and libreport packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
abrt, libreport security update
CentOS Errata and Security Advisory CESA-2015:2505 Updated abrt and libreport packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...
abrt (Centos 7.1 Fedora 22) - Local Privilege Escalation
abrt Centos 7.1 Fedora 22 - Local Privilege Escalation !/usr/bin/python CVE-2015-5273 + CVE-2015-5287 CENTOS 7.1/Fedora22 local root probably works on SL and older versions too abrt-hook-ccpp insecure open usage + abrt-action-install-debuginfo insecure temp directory usage rebel 09/2015...
CVE-2015-5273
creationtimestamp| type| source ---|---|--- 2015-12-01 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38835...
Oracle Linux 7 : abrt / and / libreport (ELSA-2015-2505)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2505 advisory. - Fixes for: CVE-2015-5273 and CVE-2015-5287 - Fixes CVE-2015-5302 Tenable has extracted the preceding description block directly from the Oracle Linux...
Oracle: Security Advisory (ELSA-2015-2505)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
abrt and libreport security update
abrt 2.1.11-35.0.1 - Drop libreport-rhel and libreport-plugin-rhtsupport requires 2.1.11-35 - make /var/spool/abrt owned by root - remove 'r' from /var/spool/abrt for other users - abrt-action-install-debug-info: use secure temporary directory - stop saving abrt's core files to /var/spool/abrt if...
RedHat Update for abrt and libreport RHSA-2015:2505-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 7 : abrt and libreport (RHSA-2015:2505)
Updated abrt and libreport packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...