CVE-2015-3150

abrt: abrt-dbus does not guard against crafted problem directory path arguments

Severity Score

7.1

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the (1) ChownProblemDir, (2) DeleteElement, or (3) DeleteProblem method.

abrt-dbus en Automatic Bug Reporting Tool (ABRT), permite a usuarios locales eliminar o cambiar la propiedad de archivos arbitrarios por medio del argumento del directorio problema en el método (1) ChownProblemDir, (2) DeleteElement o (3) DeleteProblem.

It was discovered that the abrt-dbus D-Bus service did not properly check the validity of the problem directory argument in the ChownProblemDir, DeleteElement, and DeleteProblem methods. A local attacker could use this flaw take ownership of arbitrary files and directories, or to delete files and directories as the root user.

*Credits: N/A

CVSS Scores

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2015-04-10 CVE Reserved
2015-06-10 CVE Published
2023-03-08 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation

CAPEC

References (6)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC
https://github.com/abrt/abrt/commit/6e811d78e2719988ae291181f5b133af32ce62d8	2023-02-13
https://github.com/abrt/abrt/commit/7814554e0827ece778ca88fd90832bd4d05520b1	2023-02-13
https://github.com/abrt/abrt/commit/b7f8bd20b7fb5b72f003ae3fa647c1d75f4218b7	2023-02-13
https://github.com/abrt/libreport/commit/1951e7282043dfe1268d492aea056b554baedb75	2023-02-13

URL	Date	SRC
https://bugzilla.redhat.com/show_bug.cgi?id=1214457	2015-06-09
https://access.redhat.com/security/cve/CVE-2015-3150	2015-06-09

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Redhat Search vendor "Redhat"		Automatic Bug Reporting Tool Search vendor "Redhat" for product "Automatic Bug Reporting Tool"				-		-		Affected