Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-9951

CWE-284 — Improper Access Control CWE-119 — Buffer Overflow10 documents8 sources

Severity

6.5MEDIUM

EPSS

7.9%

top 7.94%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Apport Project Apport

Timeline

PublishedDec 17

Latest updateMay 17

Description

An issue was discovered in Apport before 2.20.4. A malicious Apport crash file can contain a restart command in `RespawnCommand` or `ProcCmdline` fields. This command will be executed if a user clicks the Relaunch button on the Apport prompt from the malicious crash file. The fix is to only show the Relaunch button on Apport crash files generated by local systems. The Relaunch button will be hidden when crash files are opened directly in Apport-GTK.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶Ubuntuapport< 2.14.1-0ubuntu3.23+1

▶NVDapport_project/apport2.20.3

Patches

Patch: bugs.launchpad.net ↗Patch: bugs.launchpad.net ↗

🔴Vulnerability Details

GHSA

GHSA-666r-6mfg-455c: An issue was discovered in Apport before 2↗2022-05-17

▶

CVEList

CVE-2016-9951: An issue was discovered in Apport before 2↗2016-12-17

▶

OSV

CVE-2016-9951: An issue was discovered in Apport before 2↗2016-12-14

▶

💥Exploits & PoCs

Exploit-DB

Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution↗2016-12-14

▶

📋Vendor Advisories

Red Hat

memcached: Heap-based buffer over-read in try_read_command function (incomplete fix for CVE-2016-8705)↗2017-07-17

▶

Ubuntu

Apport vulnerabilities↗2016-12-14

▶

💬Community

Bugzilla

CVE-2017-9951 memcached: Heap-based buffer over-read in try_read_command function (incomplete fix for CVE-2016-8705)↗2017-07-17

▶