CVE-2013-4209
https://notcve.org/view.php?id=CVE-2013-4209
Automatic Bug Reporting Tool (ABRT) before 2.1.6 allows local users to obtain sensitive information about arbitrary files via vectors related to sha1sums.
• https://bugzilla.redhat.com/show_bug.cgi?id=991604
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2015-5273 – abrt (Centos 7.1 / Fedora 22) - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-5273
The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name in /var/tmp. It was found that the ABRT debug information installer (abrt-action-install-debuginfo-to-abrt-cache) did not use temporary directories in a secure way. A local attacker could use the flaw to create symbolic links and files at arbitrary locations as the abrt user.
• https://www.exploit-db.com/exploits/38835 http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172809.html http://rhn.redhat.com/errata/RHSA-2015-2505.html http://www.openwall.com/lists/oss-security/2015/12/01/1 http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/78113 https://bugzilla.redhat.com/show_bug.cgi?id=1262252 https://github.com/abrt/abrt/commit/50ee8130fb4cd4ef1af7682a2c85dd99cb99424e https://access.
• CWE-59: Improper Link Resolution Before File Access ('Link Following')
• CWE-377: Insecure Temporary File
CVE-2015-5287 – ABRT sosreport Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-5287
The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump. It was discovered that the kernel-invoked coredump processor provided by ABRT did not handle symbolic links correctly when writing core dumps of ABRT programs to the ABRT dump directory (/var/spool/abrt). A local attacker with write access to an ABRT problem directory could use this flaw to escalate their privileges.
• https://www.exploit-db.com/exploits/47421 https://www.exploit-db.com/exploits/38832 https://www.exploit-db.com/exploits/38835 http://packetstormsecurity.com/files/154592/ABRT-sosreport-Privilege-Escalation.html http://rhn.redhat.com/errata/RHSA-2015-2505.html http://www.openwall.com/lists/oss-security/2015/12/01/1 http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/78137 https://bugzilla.redhat.com/show_bug.cgi?id=126
• CWE-59: Improper Link Resolution Before File Access ('Link Following')
CVE-2015-3315 – Abrt (Fedora 21) - Race Condition
https://notcve.org/view.php?id=CVE-2015-3315
Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp/jvm-*/hs_error.log, (3) /proc/*/exe, (4) /etc/os-release in a chroot, or (5) an unspecified root directory related to librpm. It was found that ABRT was vulnerable to multiple race condition and symbolic link flaws. A local attacker could use either of these flaws to potentially escalate their privileges on the system.
• https://www.exploit-db.com/exploits/36747 https://www.exploit-db.com/exploits/44097 http://rhn.redhat.com/errata/RHSA-2015-1083.html http://rhn.redhat.com/errata/RHSA-2015-1210.html http://www.openwall.com/lists/oss-security/2015/04/14/4 http://www.openwall.com/lists/oss-security/2015/04/16/12 http://www.securityfocus.com/bid/75117 https://bugzilla.redhat.com/show_bug.cgi?id=1211835 https://github.com/abrt/abrt/commit/17cb66b13997b0159b4253b3f5722db79f476d68 https:/
• CWE-59: Improper Link Resolution Before File Access ('Link Following')
CVE-2015-1869 – abrt: default event scripts follow symbolic links
https://notcve.org/view.php?id=CVE-2015-1869
The default event handling scripts in Automatic Bug Reporting Tool (ABRT) allow local users to gain privileges as demonstrated by a symlink attack on a var_log_messages file. It was discovered that the default event handling scripts installed by ABRT did not handle symbolic links correctly. A local attacker with write access to an ABRT problem directory could use this flaw to escalate their privileges.
• http://www.openwall.com/lists/oss-security/2015/04/17/5 https://bugzilla.redhat.com/show_bug.cgi?id=1212861 https://github.com/abrt/abrt/commit/3287aa12eb205cff95cdd00d6d6c5c9a4f8f0eca https://github.com/abrt/abrt/commit/7417505e1d93cc95ec648b74e3c801bc67aacb9f https://access.redhat.com/security/cve/CVE-2015-1869
• CWE-59: Improper Link Resolution Before File Access ('Link Following')