World-readable permission on copy of sosreport file in ABRT problem directories allows unauthorized access to sensitive information

World-readable permission on copy of sosreport file in ABRT problem directories allows unauthorized access to sensitive information

CVE-2015-1870 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The event scripts in Automatic Bug Reporting Tool (ABRT) uses world-readable permission on a copy of sosreport file in problem directories, which allows local users to obtain sensitive information from /var/log/messages via unspecified vectors.

Learn more about our User Device Pen Test.