CVE-2015-2285
NONE EPSS 58.9%
Published Mar 12, 201511y ago · Modified Jun 17, 20262w ago
Published Mar 12, 2015 11y ago
Last Modified Jun 17, 2026 2w ago
Description
The logrotation script (/etc/cron.daily/upstart) in the Ubuntu Upstart package before 1.13.2-0ubuntu9, as used in Ubuntu Vivid 15.04, allows local users to execute arbitrary commands and gain privileges via a crafted file in /run/user/*/upstart/sessions/.
Threat Intelligence
EPSS Exploit Probability
58.9% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-19
Affected Products 2
References 4
- packetstormsecurity.com http://packetstormsecurity.com/files/130587/Ubuntu-Vivid-Upstart-Privilege-Escalation.html
- seclists.org http://seclists.org/fulldisclosure/2015/Mar/7
- halfdog.net http://www.halfdog.net/Security/2015/UpstartLogrotationPrivilegeEscalation/
- bugs.launchpad.net https://bugs.launchpad.net/ubuntu/+source/upstart/+bug/1425685
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.