CVE-2017-10708
published 2017-07-18CVE-2017-10708: An issue was discovered in Apport through 2.20.x. In apport/report.py, Apport sets the ExecutablePath field and it then uses the path to run package specific…
PriorityP339high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
EPSS
2.10%
79.4th percentile
An issue was discovered in Apport through 2.20.x. In apport/report.py, Apport sets the ExecutablePath field and it then uses the path to run package specific hooks without protecting against path traversal. This allows remote attackers to execute arbitrary code via a crafted .crash file.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apport_project | apport | <= 2.20.6 | — |
| apport_project | apport | >= 0 < 2.14.1-0ubuntu3.25 | 2.14.1-0ubuntu3.25 |
| apport_project | apport | >= 0 < 2.20.1-0ubuntu2.10 | 2.20.1-0ubuntu2.10 |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv7.8HIGH
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
openssh: Out of sequence NEWKEYS message can allow remote attacker to cause denial of service
vendor_redhat·2018-01-24·CVSS 7.5
CVE-2016-10708 [HIGH] CWE-20 openssh: Out of sequence NEWKEYS message can allow remote attacker to cause denial of service
openssh: Out of sequence NEWKEYS message can allow remote attacker to cause denial of service
sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.
Statement: This issue affects the versions of openssh as shipped with Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7 (versions 7.3 and earlier). For Red Hat Enterprise Linux 7 (versions 7.4 and later), this issue was fixed by the Security Advisory RHSA-2017:2029. For Red Hat Enterprise Linux 6, Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity
Ubuntu
Apport vulnerability
vendor_ubuntu·2017-07-18
CVE-2017-10708 Apport vulnerability
Title: Apport vulnerability
Summary: An attacker could trick a user into opening a malicious .crash file
and execute arbitrary code as the user.
Felix Wilhelm discovered a path traversal vulnerability in Apport
when handling the ExecutablePath field in crash files. An attacker
could trick a user into opening a specially crafted crash file and
execute arbitrary code with the user's privileges.
Instructions: In general, a standard system update will make all the necessary changes.
GHSA
GHSA-r8ph-m677-xqfj: An issue was discovered in Apport through 2
ghsa_unreviewed·2022-05-17
CVE-2017-10708 [HIGH] CWE-22 GHSA-r8ph-m677-xqfj: An issue was discovered in Apport through 2
An issue was discovered in Apport through 2.20.x. In apport/report.py, Apport sets the ExecutablePath field and it then uses the path to run package specific hooks without protecting against path traversal. This allows remote attackers to execute arbitrary code via a crafted .crash file.
OSV
CVE-2017-10708: An issue was discovered in Apport through 2
osv·2017-07-18·CVSS 7.8
CVE-2017-10708 [HIGH] CVE-2017-10708: An issue was discovered in Apport through 2
An issue was discovered in Apport through 2.20.x. In apport/report.py, Apport sets the ExecutablePath field and it then uses the path to run package specific hooks without protecting against path traversal. This allows remote attackers to execute arbitrary code via a crafted .crash file.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2017-07-18
Published