CVE-2016-9949

Published: 17/12/2016 Updated: 07/01/2017
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 935
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

An issue exists in Apport prior to 2.20.4. In apport/ui.py, Apport reads the CrashDB field and evaluates it as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code.

Vulnerable Product

apport project apport

canonical ubuntu linux

Vendor Advisories

Apport could be made to run programs as your login if it opened a specially crafted file ...

Exploits

Both of these issues were reported to the Apport maintainers and a fix was released on 2016-12-14. The CrashDB code injection issue can be tracked with CVE-2016-9949 and the path traversal bug with CVE-2016-9950. An additional problem where arbitrary commands can be called with the “Relaunch” action is tracked by CVE-2016-9951. I’d like to th ...

Github Repositories

This project contains a PoC and exploit generator for a code execution bug in Ubuntu's Apport crash reporter

Code Execution on Ubuntu Desktop >= 12.10 (Quantal)

Ubuntu ships the Apport crash handling software with all of its recent Desktop releases. This repo contains an exploit for a bug in the Apport crash report parser which can provide reliable code execution upon opening an Apport crash file. The parsing bug results in Python code injection in the Apport process. Exploitin

Recent Articles

Dear hackers, Ubuntu's app crash reporter will happily execute your evil code on a victim's box
The Register • Shaun Nichols in San Francisco • 15 Dec 2016

To everyone else, get patching

Users and administrators of Ubuntu Linux desktops are being advised to patch their systems following the disclosure of serious security flaws. Researcher Donncha O'Cearbhaill, who discovered and privately reported the vulnerabilities to the Ubuntu team, said that a successful exploit of the bugs could allow an attacker to remotely execute code by tricking a victim into downloading a maliciously booby-trapped file. The exploitable flaws are present in Ubuntu 12.10 and greater. He notes that while...