Published: 17/04/2015 Updated: 08/02/2018

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 735

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

The crash reporting feature in Apport 2.13 up to and including 2.17.x prior to 2.17.1 allows local users to gain privileges via a crafted usr/share/apport/apport file in a namespace (container).

Vulnerable Product	Search on Vulmon	Subscribe to Product
apport project apport 2.13.3
apport project apport 2.14
apport project apport 2.14.1
apport project apport 2.15
apport project apport 2.15.1
apport project apport 2.14.2
apport project apport 2.14.3
apport project apport 2.16
apport project apport 2.16.1
apport project apport 2.13.1
apport project apport 2.13.2
apport project apport 2.14.6
apport project apport 2.14.7
apport project apport 2.13
apport project apport 2.14.4
apport project apport 2.14.5
apport project apport 2.16.2
apport project apport 2.17

Apport could be tricked into running programs as an administrator ...

## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Local Rank = ExcellentRanking include Msf::Post::File include Msf::Exploit::EXE include Msf::Exploit::FileDropper def initialize(info = {}) super(update_ ...

#define _GNU_SOURCE #include <stdioh> #include <unistdh> #include <stdlibh> #include <fcntlh> #include <signalh> #include <elfh> #include <errh> #include <syslogh> #include <schedh> #include <linux/schedh> #include <sys/typesh> #include <sys/stath> #include <sys/ ...

#!/bin/sh # # CVE-2015-1318 # # Reference: bugslaunchpadnet/ubuntu/+source/apport/+bug/1438758 # # Example: # # % uname -a # Linux maggie 3130-48-generic #80-Ubuntu SMP Thu Mar 12 11:16:15 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux # # % lsb_release -a # No LSB modules are available # Distributor ID: Ubuntu # Description: Ubuntu 140 ...

Linux Apport/Abrt local root exploit ...

Various security issues relating to symlink attacks and race conditions with Abrt and Apport are documented here ...

This Metasploit module attempts to gain root privileges on Linux systems by invoking the default coredump handler inside a namespace ("container") Apport versions 213 through 217x before 2171 on Ubuntu are vulnerable, due to a feature which allows forwarding reports to a container's Apport by changing the root directory before loading the cra ...

Exploit I used to claim 10% final-grade extra credit in Matthew Might's Compilers class.

CVE-2015-1318 Exploit I used to claim 10% final-grade extra credit in Matthew Might's Compilers class bugslaunchpadnet/apport/+bug/1438758 Bonus opportunities (mattmightnet/teaching/compilers/spring-2015/) Use an exploit on vulcan to gain root access: +10% for a local user exploit; +15% for a remote exploit (eg breaking in via apache) You must exploi

CWE-264 http://www.ubuntu.com/usn/USN-2569-1 https://launchpad.net/apport/trunk/2.17.1 https://bugs.launchpad.net/ubuntu/%2Bsource/apport/%2Bbug/1438758 http://www.osvdb.org/120803 https://www.exploit-db.com/exploits/36782/https://www.exploit-db.com/exploits/43971/https://usn.ubuntu.com/2569-1/https://nvd.nist.gov https://www.exploit-db.com/exploits/43971/

CVE-2015-1318

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect