Vulnerability Details : CVE-2015-5273
The abrt-action-install-debuginfo-to-abrt-cache helper program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name in /var/tmp.
Exploit prediction scoring system (EPSS) score for CVE-2015-5273
Probability of exploitation activity in the next 30 days: 0.04%
Percentile (the proportion of vulnerabilities scored at or below this value): ~6%
CVSS scores for CVE-2015-5273
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
3.6 | LOW | AV:L/AC:L/Au:N/C:N/I:P/A:P | 3.9 | 4.9 | NIST |
CWE ids for CVE-2015-5273
- The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource. (Assigned by: nvd@nist.gov, Primary)
References for CVE-2015-5273
- http://www.securityfocus.com/bid/78113 (abrt CVE-2015-5273 Insecure Temporary File Creation Vulnerability)
- https://bugzilla.redhat.com/show_bug.cgi?id=1262252 (1262252 – (CVE-2015-5273) CVE-2015-5273 abrt: Insecure temporary directory usage in abrt-action-install-debuginfo-to-abrt-cache) [Exploit]
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172809.html ([SECURITY] Fedora 23 Update: abrt-2.7.1-1.fc23)
- http://www.openwall.com/lists/oss-security/2015/12/01/1 (oss-security - CVE-2015-5273 + CVE-2015-5287, abrt local root in Centos/Fedora/RHEL) [Exploit]
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html (Oracle Linux Bulletin - October 2015)
- http://rhn.redhat.com/errata/RHSA-2015-2505.html (RHSA-2015:2505 - Security Advisory - Red Hat Customer Portal) [Vendor Advisory]
- https://github.com/abrt/abrt/commit/50ee8130fb4cd4ef1af7682a2c85dd99cb99424e (a-a-i-d-to-abrt-cache: make own random temporary directory · abrt/abrt@50ee813 · GitHub)
Products affected by CVE-2015-5273
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:automatic_bug_reporting_tool:*:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*