Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2015-5287

CWE-5910 documents7 sources

Severity

6.9MEDIUM

EPSS

12.9%

top 5.95%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Redhat Automatic BUG Reporting Tool Redhat Enterprise Linux Desktop Redhat Enterprise Linux HPC Node +2 more

Timeline

PublishedDec 7

Latest updateMay 17

Description

The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages5 packages

▶NVDredhat/automatic_bug_reporting_tool2.7.0

▶NVDredhat/enterprise_linux_server7.0

▶NVDredhat/enterprise_linux_desktop7.0

▶NVDredhat/enterprise_linux_hpc_node7.0

▶NVDredhat/enterprise_linux_workstation7.0

🔴Vulnerability Details

GHSA

GHSA-hf8c-7p7w-mch5: The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2↗2022-05-17

▶

CVEList

CVE-2015-5287: The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2↗2015-12-07

▶

💥Exploits & PoCs

Exploit-DB

ABRT - sosreport Privilege Escalation (Metasploit)↗2019-09-25

▶

Exploit-DB

RHEL 7.0/7.1 - 'abrt/sosreport' Local Privilege Escalation↗2015-12-01

▶

Exploit-DB

abrt (Centos 7.1 / Fedora 22) - Local Privilege Escalation↗2015-12-01

▶

Exploit-DB

Kemp Load Master 7.1.16 - Multiple Vulnerabilities↗2015-04-02

▶

Metasploit

ABRT sosreport Privilege Escalation↗

▶

📋Vendor Advisories

Red Hat

abrt: incorrect permissions on /var/spool/abrt↗2015-11-23

▶

💬Community

Bugzilla

CVE-2015-5287 abrt: incorrect permissions on /var/spool/abrt↗2015-09-28

▶