CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3151 – abrt: directory traversals in several D-Bus methods implemented by abrt-dbus
https://notcve.org/view.php?id=CVE-2015-3151
Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) NewProblem, (2) GetInfo, (3) SetElement, or (4) DeleteElement method. Una vulnerabilidad de salto de directorio en abrt-dbus en Automatic Bug Reporting Tool (ABRT), permite a usuarios locales leer, escribir o cambiar la propiedad de archivos arbitrarios por medio de vectores no especificados en el método (1) NewProblem, (2) GetInfo, (3) SetElement, o (4) DeleteElement. Multiple directory traversal flaws were found in the abrt-dbus D-Bus service. A local attacker could use these flaws to read and write arbitrary files as the root user. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-3151 https://github.com/abrt/abrt/commit/7a47f57975be0d285a2f20758e4572dca6d9cdd3 https://github.com/abrt/abrt/commit/c796c76341ee846cfb897ed645bac211d7d0a932 https://github.com/abrt/abrt/commit/f3c2a6af3455b2882e28570e8a04f1c2d4500d5b https://github.com/abrt/libreport/commit/239c4f7d1f47265526b39ad70106767d00805277 https://github.com/abrt/libreport/commit/54ecf8d017580b495d6501e53ca54e453a73a364 https://access.redhat.com/security/cve/CVE-2015-3151 https://bugzilla.redhat.com/show_bug.cgi? • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 3.7EPSS: 0%CPEs: 12EXPL: 1CVE-2012-5659 – abrt: Arbitrary Python code execution due improper sanitization of the PYTHONPATH environment variable by installing debuginfo packages into cache
https://notcve.org/view.php?id=CVE-2012-5659
Untrusted search path vulnerability in plugins/abrt-action-install-debuginfo-to-abrt-cache.c in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to load and execute arbitrary Python modules by modifying the PYTHONPATH environment variable to reference a malicious Python module. Vulnerabilidad de búsqueda en ruta no confiable en plugins/abrt-action-install-debuginfo-to-abrt-cache.c en Automatic Bug Reporting Tool (ABRT) v2.0.9 y anteriores, permite a usuarios locales cargar y ejecutar módulos Python arbitrariamente modificando la variable de entorno PYTHONPATH para referenciar a un módulo Python malicioso. • http://git.fedorahosted.org/cgit/abrt.git/commit/?id=b173d81b577953b96a282167c7eecd66bf111a4f http://rhn.redhat.com/errata/RHSA-2013-0215.html https://bugzilla.redhat.com/show_bug.cgi?id=854011 https://access.redhat.com/security/cve/CVE-2012-5659 •
CVSS: 6.9EPSS: 0%CPEs: 12EXPL: 1CVE-2012-5660 – abrt: Race condition in abrt-action-install-debuginfo
https://notcve.org/view.php?id=CVE-2012-5660
abrt-action-install-debuginfo in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to set world-writable permissions for arbitrary files and possibly gain privileges via a symlink attack on "the directories used to store information about crashes." abrt-action-install-debuginfo en Automatic Bug Reporting Tool (ABRT) v2.0.9 y anteriores, permite a usuarios locales establecer permisos de lectura globales para archivos de su elección y posiblemente obtener privilegios a través de un ataque de enlace simbólico (symlink) sobre "los directorios utilizados para almacenar información acerca de caídas del servicio". • http://git.fedorahosted.org/cgit/libreport.git/commit/?id=3bbf961b1884dd32654dd39b360dd78ef294b10a http://rhn.redhat.com/errata/RHSA-2013-0215.html https://bugzilla.redhat.com/show_bug.cgi?id=887866 https://access.redhat.com/security/cve/CVE-2012-5660 • CWE-264: Permissions, Privileges, and Access Controls CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-426: Untrusted Search Path •
CVSS: 1.9EPSS: 0%CPEs: 1EXPL: 1CVE-2012-1106 – abrt: Setuid process core dump archived with unsafe GID permissions
https://notcve.org/view.php?id=CVE-2012-1106
The C handler plug-in in Automatic Bug Reporting Tool (ABRT), possibly 2.0.8 and earlier, does not properly set the group (GID) permissions on core dump files for setuid programs when the sysctl fs.suid_dumpable option is set to 2, which allows local users to obtain sensitive information. El controlador de C plug-in en la herramienta automática de informe de errores (ABRT), posiblemente v2.0.8 y versiones anteriores, no establecer correctamente los permisos de grupo (GID) en los ficheros de volcado del núcleo ("code dump") para progarmas con el setuid activado cuando la opción fs.suid_dumpable en sysctl se establece a 2, lo que permite a usuarios locales obtener información sensible. • http://rhn.redhat.com/errata/RHSA-2012-0841.html http://www.securityfocus.com/bid/54121 https://exchange.xforce.ibmcloud.com/vulnerabilities/76524 https://fedorahosted.org/abrt/changeset/23d6997d7886abe118c28254f7f73f0b19b2d4e0 https://access.redhat.com/security/cve/CVE-2012-1106 https://bugzilla.redhat.com/show_bug.cgi?id=785163 • CWE-264: Permissions, Privileges, and Access Controls •