Path traversal in Google, Google Android
| Risk | Medium |
| Patch available | NO |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2014-7951 |
| CWE-ID | CWE-22 |
| Exploitation vector | Local |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software Subscribe |
Google Android Operating systems & Components / Operating system |
| Vendor |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Path traversal
EUVDB-ID: #VU34818
Risk: Medium
CVSSv3.1: 4.4 [AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:U/RC:C]
CVE-ID: CVE-2014-7951
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences in the Android debug bridge (aka adb) in Android 4.0.4. A remote authenticated attacker can send a specially crafted HTTP request and physically proximate attackers with a direct connection to the target Android device to write to arbitrary files owned by system via a . (dot dot) in the tar archive headers.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsGoogle Android: 4.0.4
External linkshttp://packetstormsecurity.com/files/131510/ADB-Backup-Traversal-File-Overwrite.html
http://seclists.org/fulldisclosure/2015/Apr/51
http://www.securityfocus.com/bid/74211
http://android.googlesource.com/platform/frameworks/base/+/7bc601d%5E!/#F0
http://www.exploit-db.com/exploits/36813/
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
