abrt-action-analyze-vulnerability(1)
====================================

NAME
----
abrt-action-analyze-vulnerability - Provides assessment of potential exploitability of crash

SYNOPSIS
--------
abrt-action-analyze-vulnerability

DESCRIPTION
-----------
This tool expects that file named 'coredump' is placed in the current directory
and runs abrt-gdb-exploitable gdb plugin on that file. The result of
vulnerability analysis is saved in 'exploitable' file in the current directory
with information about the likely crash reason and exploitable rating
(see the EXPLOITABLE RATING section bellow). If the exploitable rating
is between <0-3> no output is generated and the tool silently exits
with 0 exit code.

This tool requires both 'gdb' and 'eu-readelf' executables placed in PATH. If
any of the required programs is missing the tool silently exits with 0 exit
code.

EXPLOITABLE RATING
------------------
Exploitable rating is a score (on scale 0-9) given to a coredump based on
the likely reason the program crashed and whether or not it could have been due
to a potentially exploitable security issue. Lower numbers are reserverd for
reasons that are highly unlikely to be security issues (0-3) while
higher numbers (4-9) are reserved for potentially dangerous crashes. Higher
scores do not automatically mean security problems but they can help with
debugging the issue and assessing its severity.

AUTHORS
-------
* ABRT team
