PT-2009-3829 · Canonical · Apport

Stephane Chazelas

Published

2009-04-30

Updated

2009-05-15

CVE-2009-1295

CVSS v2.0

1.9

Low

Vector

AV:L/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Apport versions prior to 0.108.4 on Ubuntu 8.04 LTS Apport versions prior to 0.119.2 on Ubuntu 8.10 Apport versions prior to 1.0-0ubuntu5.2 on Ubuntu 9.04

Description The issue allows local users to delete arbitrary files due to improper removal of files from the application's crash-report directory.

Recommendations For Apport version prior to 0.108.4 on Ubuntu 8.04 LTS, update to version 0.108.4 or later. For Apport version prior to 0.119.2 on Ubuntu 8.10, update to version 0.119.2 or later. For Apport version prior to 1.0-0ubuntu5.2 on Ubuntu 9.04, update to version 1.0-0ubuntu5.2 or later.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-16

Related Identifiers

CVE-2009-1295

Affected Products

Apport

PT-2009-3829 · Canonical · Apport

CVE-2009-1295

Weakness Enumeration

Related Identifiers

Affected Products

References · 9