Red Hat Local Security Checks : RedHat Update for abrt RHSA-2015:1210-01

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.871387

Categoría: Red Hat Local Security Checks

Título: RedHat Update for abrt RHSA-2015:1210-01

Resumen: The remote host is missing an update for the 'abrt'; package(s) announced via the referenced advisory.

Descripción: Summary:
The remote host is missing an update for the 'abrt'
package(s) announced via the referenced advisory.

Vulnerability Insight:
ABRT (Automatic Bug Reporting Tool) is a
tool to help users to detect defects in applications and to create a bug
report with all the information needed by a maintainer to fix it. It uses
a plug-in system to extend its
functionality.

It was found that ABRT was vulnerable to multiple race condition and
symbolic link flaws. A local attacker could use these flaws to potentially
escalate their privileges on the system. (CVE-2015-3315)

It was discovered that the kernel-invoked coredump processor provided by
ABRT wrote core dumps to files owned by other system users. This could
result in information disclosure if an application crashed while its
current directory was a directory writable to by other users (such as
/tmp). (CVE-2015-3142)

It was discovered that the default event handling scripts installed by ABRT
did not handle symbolic links correctly. A local attacker with write access
to an ABRT problem directory could use this flaw to escalate their
privileges. (CVE-2015-1869)

It was found that the ABRT event scripts created a user-readable copy of an
sosreport file in ABRT problem directories, and included excerpts of
/var/log/messages selected by the user-controlled process name, leading to
an information disclosure. (CVE-2015-1870)

It was discovered that, when moving problem reports between certain
directories, abrt-handle-upload did not verify that the new problem
directory had appropriate permissions and did not contain symbolic links.
An attacker able to create a crafted problem report could use this flaw to
expose other parts of ABRT, or to overwrite arbitrary files on the system.
(CVE-2015-3147)

It was discovered that the abrt-action-install-debuginfo-to-abrt-cache
helper program did not properly filter the process environment before
invoking abrt-action-install-debuginfo. A local attacker could use this
flaw to escalate their privileges on the system. (CVE-2015-3159)

The CVE-2015-1869, CVE-2015-1870, CVE-2015-3142, CVE-2015-3147, and
CVE-2015-3159 issues were discovered by Florian Weimer of Red Hat
Product Security.

All users of abrt are advised to upgrade to these updated packages, which
correct these issues.

Affected Software/OS:
abrt on Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Workstation (v. 6)

Solution:
Please Install the Updated Packages.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-1869
http://www.openwall.com/lists/oss-security/2015/04/17/5
https://bugzilla.redhat.com/show_bug.cgi?id=1212861
https://github.com/abrt/abrt/commit/3287aa12eb205cff95cdd00d6d6c5c9a4f8f0eca
https://github.com/abrt/abrt/commit/7417505e1d93cc95ec648b74e3c801bc67aacb9f
Common Vulnerability Exposure (CVE) ID: CVE-2015-1870
75119
http://www.securityfocus.com/bid/75119
RHSA-2015:1083
http://rhn.redhat.com/errata/RHSA-2015-1083.html
RHSA-2015:1210
http://rhn.redhat.com/errata/RHSA-2015-1210.html
https://bugzilla.redhat.com/show_bug.cgi?id=1212868
https://github.com/abrt/abrt/commit/7d023c32a565e83306cddf34c894477b7aaf33d1
https://github.com/abrt/abrt/commit/8939398b82006ba1fec4ed491339fc075f43fc7c
https://github.com/abrt/libreport/commit/c962918bc70a61a8cc647898ee8b1ff1c14a87c5
Common Vulnerability Exposure (CVE) ID: CVE-2015-3142
75116
http://www.securityfocus.com/bid/75116
[oss-security] 20150417 Re: Problems in automatic crash analysis frameworks
https://bugzilla.redhat.com/show_bug.cgi?id=1212818
Common Vulnerability Exposure (CVE) ID: CVE-2015-3147
https://bugzilla.redhat.com/show_bug.cgi?id=1212953
https://github.com/abrt/abrt/commit/3746b7627218438ae7d781fc8b18a221454e9091
https://github.com/abrt/abrt/pull/955
Common Vulnerability Exposure (CVE) ID: CVE-2015-3159
https://bugzilla.redhat.com/show_bug.cgi?id=1216962
https://github.com/abrt/abrt/commit/9943a77bca37a0829ccd3784d1dfab37f8c24e7b
https://github.com/abrt/abrt/commit/9a4100678fea4d60ec93d35f4c5de2e9ad054f3a
Common Vulnerability Exposure (CVE) ID: CVE-2015-3315
BugTraq ID: 75117
http://www.securityfocus.com/bid/75117
https://www.exploit-db.com/exploits/44097/
http://www.openwall.com/lists/oss-security/2015/04/14/4
http://www.openwall.com/lists/oss-security/2015/04/16/12
RedHat Security Advisories: RHSA-2015:1083
RedHat Security Advisories: RHSA-2015:1210

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.871387
Categoría:	Red Hat Local Security Checks
Título:	RedHat Update for abrt RHSA-2015:1210-01
Resumen:	The remote host is missing an update for the 'abrt'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'abrt' package(s) announced via the referenced advisory. Vulnerability Insight: ABRT (Automatic Bug Reporting Tool) is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. It was found that ABRT was vulnerable to multiple race condition and symbolic link flaws. A local attacker could use these flaws to potentially escalate their privileges on the system. (CVE-2015-3315) It was discovered that the kernel-invoked coredump processor provided by ABRT wrote core dumps to files owned by other system users. This could result in information disclosure if an application crashed while its current directory was a directory writable to by other users (such as /tmp). (CVE-2015-3142) It was discovered that the default event handling scripts installed by ABRT did not handle symbolic links correctly. A local attacker with write access to an ABRT problem directory could use this flaw to escalate their privileges. (CVE-2015-1869) It was found that the ABRT event scripts created a user-readable copy of an sosreport file in ABRT problem directories, and included excerpts of /var/log/messages selected by the user-controlled process name, leading to an information disclosure. (CVE-2015-1870) It was discovered that, when moving problem reports between certain directories, abrt-handle-upload did not verify that the new problem directory had appropriate permissions and did not contain symbolic links. An attacker able to create a crafted problem report could use this flaw to expose other parts of ABRT, or to overwrite arbitrary files on the system. (CVE-2015-3147) It was discovered that the abrt-action-install-debuginfo-to-abrt-cache helper program did not properly filter the process environment before invoking abrt-action-install-debuginfo. A local attacker could use this flaw to escalate their privileges on the system. (CVE-2015-3159) The CVE-2015-1869, CVE-2015-1870, CVE-2015-3142, CVE-2015-3147, and CVE-2015-3159 issues were discovered by Florian Weimer of Red Hat Product Security. All users of abrt are advised to upgrade to these updated packages, which correct these issues. Affected Software/OS: abrt on Red Hat Enterprise Linux Desktop (v. 6), Red Hat Enterprise Linux Server (v. 6), Red Hat Enterprise Linux Workstation (v. 6) Solution: Please Install the Updated Packages. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-1869 http://www.openwall.com/lists/oss-security/2015/04/17/5 https://bugzilla.redhat.com/show_bug.cgi?id=1212861 https://github.com/abrt/abrt/commit/3287aa12eb205cff95cdd00d6d6c5c9a4f8f0eca https://github.com/abrt/abrt/commit/7417505e1d93cc95ec648b74e3c801bc67aacb9f Common Vulnerability Exposure (CVE) ID: CVE-2015-1870 75119 http://www.securityfocus.com/bid/75119 RHSA-2015:1083 http://rhn.redhat.com/errata/RHSA-2015-1083.html RHSA-2015:1210 http://rhn.redhat.com/errata/RHSA-2015-1210.html https://bugzilla.redhat.com/show_bug.cgi?id=1212868 https://github.com/abrt/abrt/commit/7d023c32a565e83306cddf34c894477b7aaf33d1 https://github.com/abrt/abrt/commit/8939398b82006ba1fec4ed491339fc075f43fc7c https://github.com/abrt/libreport/commit/c962918bc70a61a8cc647898ee8b1ff1c14a87c5 Common Vulnerability Exposure (CVE) ID: CVE-2015-3142 75116 http://www.securityfocus.com/bid/75116 [oss-security] 20150417 Re: Problems in automatic crash analysis frameworks https://bugzilla.redhat.com/show_bug.cgi?id=1212818 Common Vulnerability Exposure (CVE) ID: CVE-2015-3147 https://bugzilla.redhat.com/show_bug.cgi?id=1212953 https://github.com/abrt/abrt/commit/3746b7627218438ae7d781fc8b18a221454e9091 https://github.com/abrt/abrt/pull/955 Common Vulnerability Exposure (CVE) ID: CVE-2015-3159 https://bugzilla.redhat.com/show_bug.cgi?id=1216962 https://github.com/abrt/abrt/commit/9943a77bca37a0829ccd3784d1dfab37f8c24e7b https://github.com/abrt/abrt/commit/9a4100678fea4d60ec93d35f4c5de2e9ad054f3a Common Vulnerability Exposure (CVE) ID: CVE-2015-3315 BugTraq ID: 75117 http://www.securityfocus.com/bid/75117 https://www.exploit-db.com/exploits/44097/ http://www.openwall.com/lists/oss-security/2015/04/14/4 http://www.openwall.com/lists/oss-security/2015/04/16/12 RedHat Security Advisories: RHSA-2015:1083 RedHat Security Advisories: RHSA-2015:1210
Copyright	Copyright (C) 2015 Greenbone AG