CVE-2016-9951

Published: 17/12/2016 | Updated: 07/01/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

An issue exists in Apport prior to 2.20.4. A malicious Apport crash file can contain a restart command in the `RespawnCommand` or `ProcCmdline` fields. This command is executed if a user clicks the Relaunch button on the Apport prompt shown for the malicious crash file. The fix is to show the Relaunch button only on Apport crash files generated by local systems. The Relaunch button is hidden when crash files are opened directly in Apport-GTK.

Vulnerable Product

apport project apport

Vendor Advisories

Apport could be made to run programs as your login if it opened a specially crafted file ...

Exploits

Both of these issues were reported to the Apport maintainers and a fix was released on 2016-12-14. The CrashDB code injection issue can be tracked with CVE-2016-9949 and the path traversal bug with CVE-2016-9950. An additional problem where arbitrary commands can be called with the “Relaunch” action is tracked by CVE-2016-9951. I’d like to th ...

Github Repositories

This project contains a PoC and exploit generator for a code execution bug in Ubuntu's Apport crash reporter

Code Execution on Ubuntu Desktop >= 12.10 (Quantal)

Ubuntu ships the Apport crash handling software with all of its recent Desktop releases. This repo contains an exploit for a bug in the Apport crash report parser which can provide reliable code execution upon opening an Apport crash file. The parsing bug results in Python code injection in the Apport process. Exploitin