O'Cearbhaill: Reliably compromising Ubuntu desktops by attacking the crash reporter

Donncha O'Cearbhaill has discovered that Ubuntu's "apport" tool, which handles application crash data, passes arbitrary data to the Python eval() function. There are a couple of other vulnerabilities as well, making it possible to fully compromise a system. The bugs (now known as CVE-2016-9949, CVE-2016-9950, and CVE-2016-9951) have been fixed; applying the updates is highly recommended for Ubuntu users.

"The computer security industry has a serious conflict of interest right now. There is major financial motivation for researchers to find and disclose vulnerabilities to exploit brokers. Many of the brokers are in the business of keeping problems unfixed. Code execution bugs are valuable. As a data point, I received an offer of more than 10,000 USD from an exploit vendor for these Apport bugs."
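The bug class above (crash-report text reaching eval()) and the usual fix, as an added example that is not apport's code: a tiny "Key: value" report parser whose dict-valued field is decoded with ast.literal_eval and then validated by shape. The report contents and the field and key names are constructed for the example, not taken from a real apport report.

```python
import ast

# Constructed sample report in a simple "Key: value" layout (not a real
# apport file; the CrashDB field and its keys are assumptions for this example).
SAMPLE_REPORT = """\
ProblemType: Crash
ExecutablePath: /usr/bin/example
CrashDB: {'impl': 'launchpad', 'project': 'example'}
"""

# Looks like a dict but contains a call expression: eval() would run it,
# ast.literal_eval() refuses it because a call is not a literal.
TAMPERED_FIELD = "{'impl': __import__('os').getcwd()}"

ALLOWED_KEYS = {"impl", "project", "distro"}


def parse_report(text):
    """Split a Key: value report into a dict of raw strings (no evaluation)."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields


def parse_crashdb_unsafe(value):
    # Vulnerable pattern: report text the user (or an attacker who can plant a
    # crash file) controls is handed straight to eval(). Never call this.
    return eval(value)


def parse_crashdb_safe(value):
    """Decode the dict-valued field without executing code, or return None.

    ast.literal_eval accepts only Python literals (str, int, dict, list, ...).
    Deeply nested input can still exhaust the parser, so MemoryError and
    RecursionError are treated as rejection too.
    """
    try:
        parsed = ast.literal_eval(value)
    except (ValueError, SyntaxError, TypeError, MemoryError, RecursionError):
        return None
    if not isinstance(parsed, dict):
        return None
    # Validate shape: string keys from an allow-list, string values only.
    if not all(isinstance(k, str) and isinstance(v, str) for k, v in parsed.items()):
        return None
    if not set(parsed).issubset(ALLOWED_KEYS):
        return None
    return parsed
```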