CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3159 – abrt: missing process environment sanitizaton in abrt-action-install-debuginfo-to-abrt-cache
https://notcve.org/view.php?id=CVE-2015-3159
The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) does not properly handle the process environment before invoking abrt-action-install-debuginfo, which allows local users to gain privileges. El programa de ayuda abrt-action-install-debuginfo-to-abrt-cache en Automatic Bug Reporting Tool (ABRT). no maneja apropiadamente el entorno del proceso antes de invocar a abrt-action-install-debuginfo, lo que permite a usuarios locales alcanzar privilegios. It was discovered that the abrt-action-install-debuginfo-to-abrt-cache helper program did not properly filter the process environment before invoking abrt-action-install-debuginfo. A local attacker could use this flaw to escalate their privileges on the system. • https://bugzilla.redhat.com/show_bug.cgi?id=1216962 https://github.com/abrt/abrt/commit/9943a77bca37a0829ccd3784d1dfab37f8c24e7b https://github.com/abrt/abrt/commit/9a4100678fea4d60ec93d35f4c5de2e9ad054f3a https://access.redhat.com/security/cve/CVE-2015-3159 • CWE-20: Improper Input Validation •
CVSS: 6.9EPSS: 0%CPEs: 12EXPL: 1CVE-2012-5660 – abrt: Race condition in abrt-action-install-debuginfo
https://notcve.org/view.php?id=CVE-2012-5660
abrt-action-install-debuginfo in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to set world-writable permissions for arbitrary files and possibly gain privileges via a symlink attack on "the directories used to store information about crashes." abrt-action-install-debuginfo en Automatic Bug Reporting Tool (ABRT) v2.0.9 y anteriores, permite a usuarios locales establecer permisos de lectura globales para archivos de su elección y posiblemente obtener privilegios a través de un ataque de enlace simbólico (symlink) sobre "los directorios utilizados para almacenar información acerca de caídas del servicio". • http://git.fedorahosted.org/cgit/libreport.git/commit/?id=3bbf961b1884dd32654dd39b360dd78ef294b10a http://rhn.redhat.com/errata/RHSA-2013-0215.html https://bugzilla.redhat.com/show_bug.cgi?id=887866 https://access.redhat.com/security/cve/CVE-2012-5660 • CWE-264: Permissions, Privileges, and Access Controls CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-426: Untrusted Search Path •
CVSS: 3.7EPSS: 0%CPEs: 12EXPL: 1CVE-2012-5659 – abrt: Arbitrary Python code execution due improper sanitization of the PYTHONPATH environment variable by installing debuginfo packages into cache
https://notcve.org/view.php?id=CVE-2012-5659
Untrusted search path vulnerability in plugins/abrt-action-install-debuginfo-to-abrt-cache.c in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to load and execute arbitrary Python modules by modifying the PYTHONPATH environment variable to reference a malicious Python module. Vulnerabilidad de búsqueda en ruta no confiable en plugins/abrt-action-install-debuginfo-to-abrt-cache.c en Automatic Bug Reporting Tool (ABRT) v2.0.9 y anteriores, permite a usuarios locales cargar y ejecutar módulos Python arbitrariamente modificando la variable de entorno PYTHONPATH para referenciar a un módulo Python malicioso. • http://git.fedorahosted.org/cgit/abrt.git/commit/?id=b173d81b577953b96a282167c7eecd66bf111a4f http://rhn.redhat.com/errata/RHSA-2013-0215.html https://bugzilla.redhat.com/show_bug.cgi?id=854011 https://access.redhat.com/security/cve/CVE-2012-5659 •
CVSS: 1.9EPSS: 0%CPEs: 1EXPL: 1CVE-2012-1106 – abrt: Setuid process core dump archived with unsafe GID permissions
https://notcve.org/view.php?id=CVE-2012-1106
The C handler plug-in in Automatic Bug Reporting Tool (ABRT), possibly 2.0.8 and earlier, does not properly set the group (GID) permissions on core dump files for setuid programs when the sysctl fs.suid_dumpable option is set to 2, which allows local users to obtain sensitive information. El controlador de C plug-in en la herramienta automática de informe de errores (ABRT), posiblemente v2.0.8 y versiones anteriores, no establecer correctamente los permisos de grupo (GID) en los ficheros de volcado del núcleo ("code dump") para progarmas con el setuid activado cuando la opción fs.suid_dumpable en sysctl se establece a 2, lo que permite a usuarios locales obtener información sensible. • http://rhn.redhat.com/errata/RHSA-2012-0841.html http://www.securityfocus.com/bid/54121 https://exchange.xforce.ibmcloud.com/vulnerabilities/76524 https://fedorahosted.org/abrt/changeset/23d6997d7886abe118c28254f7f73f0b19b2d4e0 https://access.redhat.com/security/cve/CVE-2012-1106 https://bugzilla.redhat.com/show_bug.cgi?id=785163 • CWE-264: Permissions, Privileges, and Access Controls •