Lucene search
K

21 matches found

0day.today
0day.today
added 2019/09/26 12:0 a.m.71 views

ABRT - sosreport Privilege Escalation Exploit

This Metasploit module attempts to gain root privileges on RHEL systems with a vulnerable version of Automatic Bug Reporting Tool ABRT configured as the crash handler. sosreport uses an insecure temporary directory, allowing local users to write to arbitrary files CVE-2015-5287. This module has...

6.9CVSS0.03296EPSS
Exploits17
Exploit DB
Exploit DB
added 2019/09/25 12:0 a.m.236 views

ABRT - sosreport Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ABRT sosreport Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on RHEL systems with a vulnerable version o...

6.9CVSS7AI score0.03296EPSS
Exploits17
Packet Storm
Packet Storm
added 2019/09/24 12:0 a.m.334 views

ABRT sosreport Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ABRT sosreport Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on RHEL systems with a vulnerable version o...

6.9CVSS0.2AI score0.03296EPSS
Exploits17
Metasploit
Metasploit
added 2019/04/20 11:48 a.m.82 views

ABRT sosreport Privilege Escalation

This module attempts to gain root privileges on RHEL systems with a vulnerable version of Automatic Bug Reporting Tool ABRT configured as the crash handler. sosreport uses an insecure temporary directory, allowing local users to write to arbitrary files CVE-2015-5287. This module uses a symlink...

6.9CVSS6.6AI score0.03296EPSS
Exploits17
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.30 views

Fedora 23 : abrt-2.7.1-1.fc23 (2015-79c1758468)

CVE-2015-5287: ignore crashes of abrt tools if DebugLevel = 0 - CVE-2015-5273: create own random temporary directory - make crashes of processes with locked memory not-reportable - detect xorg backtraces from journald - fix the coredumpctl integration tool Note that Tenable Network Security has...

6.9CVSS5.3AI score0.03296EPSS
Exploits18References3
Tenable Nessus
Tenable Nessus
added 2015/12/22 12:0 a.m.41 views

Scientific Linux Security Update : abrt and libreport on SL7.x x86_64 (20151123)

It was found that the ABRT debug information installer abrt-action- install-debuginfo-to-abrt-cache did not use temporary directories in a secure way. A local attacker could use the flaw to create symbolic links and files at arbitrary locations as the abrt user. CVE-2015-5273 It was discovered th...

6.9CVSS5.7AI score0.03296EPSS
Exploits18References4
Saint
Saint
added 2015/12/14 12:0 a.m.47 views

ABRT/sosreport privilege elevation

Added: 12/14/2015 CVE: CVE-2015-5287 Background The Automatic Bug Reporting Tool ABRT is an application that runs as a daemon on some Linux systems. ABRT collects relevant crash data when another application crashes and can report it to a relevant issue tracker for analysis. After saving some...

6.9CVSS6.4AI score0.03296EPSS
Exploits17
Saint
Saint
added 2015/12/14 12:0 a.m.31 views

ABRT/sosreport privilege elevation

Added: 12/14/2015 CVE: CVE-2015-5287 Background The Automatic Bug Reporting Tool ABRT is an application that runs as a daemon on some Linux systems. ABRT collects relevant crash data when another application crashes and can report it to a relevant issue tracker for analysis. After saving some...

6.9CVSS6.4AI score0.03296EPSS
Exploits17
NVD
NVD
added 2015/12/07 6:59 p.m.18 views

CVE-2015-5287

The abrt-hook-ccpp help program in Automatic Bug Reporting Tool ABRT before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump...

6.9CVSS6.3AI score0.03296EPSS
Exploits17References8
CVE
CVE
added 2015/12/07 6:0 p.m.152 views

CVE-2015-5287

CVE-2015-5287 affects ABRT’s abrt-hook-ccpp prior to 2.7.1, enabling a local user with certain permissions to gain privileges via a symlink attack on a file with a predictable name (e.g., /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump). Publicly documented exploit paths incl...

6.9CVSS6.3AI score0.03296EPSS
Exploits17References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/12/02 12:0 a.m.30 views

CentOS 7 : abrt / libreport (CESA-2015:2505)

Updated abrt and libreport packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

6.9CVSS5.8AI score0.03296EPSS
Exploits18References5
Cent OS
Cent OS
added 2015/12/01 6:46 p.m.63 views

abrt, libreport security update

CentOS Errata and Security Advisory CESA-2015:2505 Updated abrt and libreport packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...

6.9CVSS5.9AI score0.03296EPSS
Exploits18References7
exploitpack
exploitpack
added 2015/12/01 12:0 a.m.38 views

RHEL 7.07.1 - abrtsosreport Local Privilege Escalation

RHEL 7.07.1 - abrtsosreport Local Privilege Escalation !/usr/bin/python CVE-2015-5287 ? abrt/sosreport RHEL 7.0/7.1 local root rebel 09/2015 user@localhost $ python sosreport-rhel7.py crashing pid 19143 waiting for dump directory dump directory: /var/tmp/abrt/ccpp-2015-11-30-19:41:13-19143 waitin...

6.9CVSS0.03296EPSS
Exploits17
Exploit DB
Exploit DB
added 2015/12/01 12:0 a.m.52 views

RHEL 7.0/7.1 - 'abrt/sosreport' Local Privilege Escalation

!/usr/bin/python CVE-2015-5287 ? abrt/sosreport RHEL 7.0/7.1 local root rebel 09/2015 user@localhost $ python sosreport-rhel7.py crashing pid 19143 waiting for dump directory dump directory: /var/tmp/abrt/ccpp-2015-11-30-19:41:13-19143 waiting for sosreport directory sosreport:...

6.9CVSS6.4AI score0.03296EPSS
Exploits17
exploitpack
exploitpack
added 2015/12/01 12:0 a.m.48 views

abrt (Centos 7.1 Fedora 22) - Local Privilege Escalation

abrt Centos 7.1 Fedora 22 - Local Privilege Escalation !/usr/bin/python CVE-2015-5273 + CVE-2015-5287 CENTOS 7.1/Fedora22 local root probably works on SL and older versions too abrt-hook-ccpp insecure open usage + abrt-action-install-debuginfo insecure temp directory usage rebel 09/2015...

6.9CVSS0.4AI score0.03296EPSS
Exploits18
Circl
Circl
added 2015/12/01 12:0 a.m.30 views

CVE-2015-5287

creationtimestamp| type| source ---|---|--- 2015-12-01 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38835 2015-12-01 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38832 2019-09-24 14:59:10+00:00| seen|...

6.9CVSS5.7AI score0.03296EPSS
Exploits17References5
Tenable Nessus
Tenable Nessus
added 2015/11/30 12:0 a.m.30 views

Oracle Linux 7 : abrt / and / libreport (ELSA-2015-2505)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2505 advisory. - Fixes for: CVE-2015-5273 and CVE-2015-5287 - Fixes CVE-2015-5302 Tenable has extracted the preceding description block directly from the Oracle Linux...

6.9CVSS5.6AI score0.03296EPSS
Exploits18References4
OpenVAS
OpenVAS
added 2015/11/27 12:0 a.m.26 views

Oracle: Security Advisory (ELSA-2015-2505)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS6.4AI score0.03296EPSS
Exploits18References2
Oracle linux
Oracle linux
added 2015/11/25 12:0 a.m.42 views

abrt and libreport security update

abrt 2.1.11-35.0.1 - Drop libreport-rhel and libreport-plugin-rhtsupport requires 2.1.11-35 - make /var/spool/abrt owned by root - remove 'r' from /var/spool/abrt for other users - abrt-action-install-debug-info: use secure temporary directory - stop saving abrt's core files to /var/spool/abrt if...

6.9CVSS2.1AI score0.03296EPSS
Exploits18
Tenable Nessus
Tenable Nessus
added 2015/11/24 12:0 a.m.66 views

RHEL 7 : abrt and libreport (RHSA-2015:2505)

Updated abrt and libreport packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

6.9CVSS5.8AI score0.03296EPSS
Exploits18References7
Rows per page
Query Builder