Symlink Attack Vulnerability in Automatic Bug Reporting Tool (ABRT)

Symlink Attack Vulnerability in Automatic Bug Reporting Tool (ABRT)

CVE-2015-3315 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp/jvm-*/hs_error.log, (3) /proc/*/exe, (4) /etc/os-release in a chroot, or (5) an unspecified root directory related to librpm.

Learn more about our User Device Pen Test.