Search criteria
6 vulnerabilities by ABRT
CVE-2011-4088 (GCVE-0-2011-4088)
Vulnerability from cvelistv5 – Published: 2020-01-31 16:45 – Updated: 2024-08-06 23:53
VLAI?
Summary
ABRT might allow attackers to obtain sensitive information from crash reports.
Severity ?
No CVSS data available.
CWE
- Other
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:53:32.853Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071027.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71871"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ABRT",
"vendor": "ABRT",
"versions": [
{
"status": "affected",
"version": "2.0.8"
}
]
}
],
"datePublic": "2011-12-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ABRT might allow attackers to obtain sensitive information from crash reports."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-31T16:45:33",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071027.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71871"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-4088",
"datePublished": "2020-01-31T16:45:33",
"dateReserved": "2011-10-18T00:00:00",
"dateUpdated": "2024-08-06T23:53:32.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-3159 (GCVE-0-2015-3159)
Vulnerability from cvelistv5 – Published: 2020-01-14 18:00 – Updated: 2024-08-06 05:39
VLAI?
Summary
The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) does not properly handle the process environment before invoking abrt-action-install-debuginfo, which allows local users to gain privileges.
Severity ?
No CVSS data available.
CWE
- Privilege
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:39:31.666Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216962"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/abrt/abrt/commit/9943a77bca37a0829ccd3784d1dfab37f8c24e7b"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/abrt/abrt/commit/9a4100678fea4d60ec93d35f4c5de2e9ad054f3a"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ABRT",
"vendor": "ABRT",
"versions": [
{
"status": "affected",
"version": "before 9a4100678fea4d60ec93d35f4c5de2e9ad054f3a"
}
]
}
],
"datePublic": "2015-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) does not properly handle the process environment before invoking abrt-action-install-debuginfo, which allows local users to gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-14T18:00:14",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216962"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/abrt/abrt/commit/9943a77bca37a0829ccd3784d1dfab37f8c24e7b"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/abrt/abrt/commit/9a4100678fea4d60ec93d35f4c5de2e9ad054f3a"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-3159",
"datePublished": "2020-01-14T18:00:14",
"dateReserved": "2015-04-10T00:00:00",
"dateUpdated": "2024-08-06T05:39:31.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-3151 (GCVE-0-2015-3151)
Vulnerability from cvelistv5 – Published: 2020-01-14 17:47 – Updated: 2024-08-06 05:39
VLAI?
Summary
Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) NewProblem, (2) GetInfo, (3) SetElement, or (4) DeleteElement method.
Severity ?
No CVSS data available.
CWE
- Directory Traversal (Local File Inclusion)
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:39:31.509Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-3151"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/abrt/abrt/commit/c796c76341ee846cfb897ed645bac211d7d0a932"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/abrt/abrt/commit/f3c2a6af3455b2882e28570e8a04f1c2d4500d5b"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/abrt/libreport/commit/54ecf8d017580b495d6501e53ca54e453a73a364"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/abrt/libreport/commit/239c4f7d1f47265526b39ad70106767d00805277"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/abrt/abrt/commit/7a47f57975be0d285a2f20758e4572dca6d9cdd3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ABRT",
"vendor": "ABRT",
"versions": [
{
"status": "affected",
"version": "before 7a47f57975be0d285a2f20758e4572dca6d9cdd3"
}
]
}
],
"datePublic": "2015-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) NewProblem, (2) GetInfo, (3) SetElement, or (4) DeleteElement method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Directory Traversal (Local File Inclusion)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-14T17:47:12",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-3151"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/abrt/abrt/commit/c796c76341ee846cfb897ed645bac211d7d0a932"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/abrt/abrt/commit/f3c2a6af3455b2882e28570e8a04f1c2d4500d5b"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/abrt/libreport/commit/54ecf8d017580b495d6501e53ca54e453a73a364"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/abrt/libreport/commit/239c4f7d1f47265526b39ad70106767d00805277"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/abrt/abrt/commit/7a47f57975be0d285a2f20758e4572dca6d9cdd3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-3151",
"datePublished": "2020-01-14T17:47:12",
"dateReserved": "2015-04-10T00:00:00",
"dateUpdated": "2024-08-06T05:39:31.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-3150 (GCVE-0-2015-3150)
Vulnerability from cvelistv5 – Published: 2020-01-14 17:34 – Updated: 2024-08-06 05:39
VLAI?
Summary
abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the (1) ChownProblemDir, (2) DeleteElement, or (3) DeleteProblem method.
Severity ?
No CVSS data available.
CWE
- Other
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:39:31.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1214457"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/abrt/abrt/commit/6e811d78e2719988ae291181f5b133af32ce62d8"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/abrt/abrt/commit/7814554e0827ece778ca88fd90832bd4d05520b1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/abrt/abrt/commit/b7f8bd20b7fb5b72f003ae3fa647c1d75f4218b7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/abrt/libreport/commit/1951e7282043dfe1268d492aea056b554baedb75"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ABRT",
"vendor": "ABRT",
"versions": [
{
"status": "affected",
"version": "before 1951e7282043dfe1268d492aea056b554baedb75"
}
]
}
],
"datePublic": "2015-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the (1) ChownProblemDir, (2) DeleteElement, or (3) DeleteProblem method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-14T17:34:43",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1214457"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/abrt/abrt/commit/6e811d78e2719988ae291181f5b133af32ce62d8"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/abrt/abrt/commit/7814554e0827ece778ca88fd90832bd4d05520b1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/abrt/abrt/commit/b7f8bd20b7fb5b72f003ae3fa647c1d75f4218b7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/abrt/libreport/commit/1951e7282043dfe1268d492aea056b554baedb75"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-3150",
"datePublished": "2020-01-14T17:34:43",
"dateReserved": "2015-04-10T00:00:00",
"dateUpdated": "2024-08-06T05:39:31.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-3147 (GCVE-0-2015-3147)
Vulnerability from cvelistv5 – Published: 2020-01-14 17:31 – Updated: 2024-08-06 05:39
VLAI?
Summary
daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports from /var/spool/abrt-upload, allows local users to write to arbitrary files or possibly have other unspecified impact via a symlink attack on (1) /var/spool/abrt or (2) /var/tmp/abrt.
Severity ?
No CVSS data available.
CWE
- Symbolic Link Following
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:39:31.852Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/04/17/5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212953"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/abrt/abrt/pull/955"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1083.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/abrt/abrt/commit/3746b7627218438ae7d781fc8b18a221454e9091"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ABRT",
"vendor": "ABRT",
"versions": [
{
"status": "affected",
"version": "before 2.6.0"
}
]
}
],
"datePublic": "2015-04-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports from /var/spool/abrt-upload, allows local users to write to arbitrary files or possibly have other unspecified impact via a symlink attack on (1) /var/spool/abrt or (2) /var/tmp/abrt."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Symbolic Link Following",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-14T17:31:49",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2015/04/17/5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212953"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/abrt/abrt/pull/955"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1083.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/abrt/abrt/commit/3746b7627218438ae7d781fc8b18a221454e9091"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-3147",
"datePublished": "2020-01-14T17:31:49",
"dateReserved": "2015-04-10T00:00:00",
"dateUpdated": "2024-08-06T05:39:31.852Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1869 (GCVE-0-2015-1869)
Vulnerability from cvelistv5 – Published: 2020-01-14 17:31 – Updated: 2024-08-06 04:54
VLAI?
Summary
The default event handling scripts in Automatic Bug Reporting Tool (ABRT) allow local users to gain privileges as demonstrated by a symlink attack on a var_log_messages file.
Severity ?
No CVSS data available.
CWE
- Symbolic Link Following
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:54:16.338Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/04/17/5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212861"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/abrt/abrt/commit/3287aa12eb205cff95cdd00d6d6c5c9a4f8f0eca"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/abrt/abrt/commit/7417505e1d93cc95ec648b74e3c801bc67aacb9f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ABRT",
"vendor": "ABRT",
"versions": [
{
"status": "affected",
"version": "before 7417505e1d93cc95ec648b74e3c801bc67aacb9f"
}
]
}
],
"datePublic": "2015-04-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default event handling scripts in Automatic Bug Reporting Tool (ABRT) allow local users to gain privileges as demonstrated by a symlink attack on a var_log_messages file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Symbolic Link Following",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-14T17:31:46",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2015/04/17/5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212861"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/abrt/abrt/commit/3287aa12eb205cff95cdd00d6d6c5c9a4f8f0eca"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/abrt/abrt/commit/7417505e1d93cc95ec648b74e3c801bc67aacb9f"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-1869",
"datePublished": "2020-01-14T17:31:46",
"dateReserved": "2015-02-17T00:00:00",
"dateUpdated": "2024-08-06T04:54:16.338Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}