Информационная безопасность
[RU] switch to English


CVECVE-2015-1338
СтатусUNKNOWN
Описаниеkernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.
Важность
High
CVSS score7,2
CVSS vector(AV:L/AC:L/Au:N/C:C/I:C/A:C)
PhaseASSIGNED (02.10.2015)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1338
ReferencesFULLDISC : 20150927 Apport kernel_crashdump symlink vulnerability exploitation
 EXPLOIT-DB : 38353
 MISC : http://packetstormsecurity.com/files/133723/Ubuntu...
 MISC : http://www.halfdog.net/Security/2015/ApportKernelC...
 CONFIRM : https://bugs.launchpad.net/ubuntu/+source/apport/+...
 CONFIRM : https://launchpad.net/apport/trunk/2.19
 UBUNTU : USN-2744-1
SecurityVulns:Уязвимостие безопасности в apport
О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород