CVE-2015-5287

ABRT sosreport Privilege Escalation

Title source: metasploit

Description

The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump.

Exploits (4)

exploitdb WORKING POC VERIFIED
by Metasploit · rubylocallinux
https://www.exploit-db.com/exploits/47421
exploitdb WORKING POC VERIFIED
by rebel · pythonlocalmultiple
https://www.exploit-db.com/exploits/38835
exploitdb WORKING POC VERIFIED
by rebel · pythonlocallinux
https://www.exploit-db.com/exploits/38832
metasploit WORKING POC EXCELLENT
by rebel, bcoles · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/abrt_sosreport_priv_esc.rb

References (8)

Scores

EPSS 0.1290
EPSS Percentile 94.1%

Details

CWE
CWE-59
Status published
Products (5)
redhat/automatic_bug_reporting_tool < 2.7.0
redhat/enterprise_linux_desktop 7.0
redhat/enterprise_linux_hpc_node 7.0
redhat/enterprise_linux_server 7.0
redhat/enterprise_linux_workstation 7.0
Published Dec 07, 2015
Tracked Since Feb 18, 2026