Rapid7 Vulnerability & Exploit Database

CentOS: (CVE-2015-1870) CESA-2015:1083: abrt

Free InsightVM Trial No credit card necessary
Watch Demo See how it all works
Back to Search

CentOS: (CVE-2015-1870) CESA-2015:1083: abrt

Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
06/15/2015
Created
07/25/2018
Added
08/17/2018
Modified
08/17/2018

Description

The event scripts in Automatic Bug Reporting Tool (ABRT) uses world-readable permission on a copy of sosreport file in problem directories, which allows local users to obtain sensitive information from /var/log/messages via unspecified vectors.

Solution(s)

  • centos-upgrade-abrt
  • centos-upgrade-abrt-addon-ccpp
  • centos-upgrade-abrt-addon-kerneloops
  • centos-upgrade-abrt-addon-pstoreoops
  • centos-upgrade-abrt-addon-python
  • centos-upgrade-abrt-addon-upload-watch
  • centos-upgrade-abrt-addon-vmcore
  • centos-upgrade-abrt-addon-xorg
  • centos-upgrade-abrt-cli
  • centos-upgrade-abrt-console-notification
  • centos-upgrade-abrt-dbus
  • centos-upgrade-abrt-desktop
  • centos-upgrade-abrt-devel
  • centos-upgrade-abrt-gui
  • centos-upgrade-abrt-gui-devel
  • centos-upgrade-abrt-gui-libs
  • centos-upgrade-abrt-libs
  • centos-upgrade-abrt-python
  • centos-upgrade-abrt-python-doc
  • centos-upgrade-abrt-retrace-client
  • centos-upgrade-abrt-tui
  • centos-upgrade-libreport
  • centos-upgrade-libreport-anaconda
  • centos-upgrade-libreport-centos
  • centos-upgrade-libreport-cli
  • centos-upgrade-libreport-compat
  • centos-upgrade-libreport-devel
  • centos-upgrade-libreport-filesystem
  • centos-upgrade-libreport-gtk
  • centos-upgrade-libreport-gtk-devel
  • centos-upgrade-libreport-newt
  • centos-upgrade-libreport-plugin-bugzilla
  • centos-upgrade-libreport-plugin-kerneloops
  • centos-upgrade-libreport-plugin-logger
  • centos-upgrade-libreport-plugin-mailx
  • centos-upgrade-libreport-plugin-mantisbt
  • centos-upgrade-libreport-plugin-reportuploader
  • centos-upgrade-libreport-plugin-rhtsupport
  • centos-upgrade-libreport-plugin-ureport
  • centos-upgrade-libreport-python
  • centos-upgrade-libreport-rhel
  • centos-upgrade-libreport-rhel-anaconda-bugzilla
  • centos-upgrade-libreport-rhel-bugzilla
  • centos-upgrade-libreport-web
  • centos-upgrade-libreport-web-devel

References

  • RHSA-2015:1083
  • RHSA-2015:1210
  • 75119
  • CVE-2015-1870

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;