CVE-2016-9950

HIGH

Apport < 2.20.4 - Path Traversal via Package Hook Fields

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-9950. PoCs published by Donncha OCearbhaill.

AI-analyzed exploit summary This is a writeup discussing multiple vulnerabilities in Apport, including CVE-2016-9951, which allows arbitrary command execution via the 'Relaunch' action. The text provides context, links to fixes, and encourages responsible disclosure.

Description

An issue was discovered in Apport before 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package specific hook files in the /usr/share/apport/package-hooks/ directory. An attacker can exploit this path traversal to execute arbitrary Python files from the local system.

Exploits (1)

exploitdb WRITEUP

by Donncha OCearbhaill · textlocallinux

https://www.exploit-db.com/exploits/40937

View Code ZIP pw:eip

This is a writeup discussing multiple vulnerabilities in Apport, including CVE-2016-9951, which allows arbitrary command execution via the 'Relaunch' action. The text provides context, links to fixes, and encourages responsible disclosure.

Classification

Writeup 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Apport (Ubuntu)

No auth needed

Prerequisites: Access to a vulnerable Apport instance

MITRE ATT&CK