cve/2015/CVE-2015-3315.md

CVE-2015-3315

Description

Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt//maps, (2) /tmp/jvm-/hs_error.log, (3) /proc/*/exe, (4) /etc/os-release in a chroot, or (5) an unspecified root directory related to librpm.

POC

Reference

• https://www.exploit-db.com/exploits/44097/

Github

• https://github.com/ARPSyndicate/cvemon