Scientific Linux Security Update : abrt and libreport on SL7.x x86_64

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

It was found that the ABRT debug information installer (abrt-action-
install-debuginfo-to-abrt-cache) did not use temporary directories in
a secure way. A local attacker could use the flaw to create symbolic
links and files at arbitrary locations as the abrt user.
(CVE-2015-5273)

It was discovered that the kernel-invoked coredump processor provided
by ABRT did not handle symbolic links correctly when writing core
dumps of ABRT programs to the ABRT dump directory (/var/spool/abrt). A
local attacker with write access to an ABRT problem directory could
use this flaw to escalate their privileges. (CVE-2015-5287)

It was found that ABRT may have exposed unintended information to Red
Hat Bugzilla during crash reporting. A bug in the libreport library
caused changes made by a user in files included in a crash report to
be discarded. As a result, Red Hat Bugzilla attachments may contain
data that was not intended to be made public, including host names, IP
addresses, or command line options. (CVE-2015-5302)

This flaw did not affect default installations of ABRT on Scientific
Linux as they do not post data to Red Hat Bugzilla. This feature can
however be enabled, potentially impacting modified ABRT instances.
With this update Scientific Linux will no longer publish the
rhel-autoreport tools.

See also :

http://www.nessus.org/u?2601e33b

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.9
(CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 87580 ()

Bugtraq ID:

CVE ID: CVE-2015-5273
CVE-2015-5287
CVE-2015-5302

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now