The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump.
Published 2015-12-07 18:59:02
Updated 2016-12-07 18:16:18
Source Red Hat, Inc.

Products affected by CVE-2015-5287

Exploit prediction scoring system (EPSS) score for CVE-2015-5287

0.09%: Probability of exploitation activity in the next 30 days
~ 38%: Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2015-5287

  • ABRT sosreport Privilege Escalation
    Disclosure Date: 2015-11-23
    First seen: 2020-04-26
    exploit/linux/local/abrt_sosreport_priv_esc
    This module attempts to gain root privileges on RHEL systems with a vulnerable version of Automatic Bug Reporting Tool (ABRT) configured as the crash handler. `sosreport` uses an insecure temporary directory, allowing local users to write to arbitrary files

CVSS scores for CVE-2015-5287

| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
| 6.9 | MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C | 3.4 | 10.0 | NIST | |

CWE ids for CVE-2015-5287

References for CVE-2015-5287
