Vulnerability identifier: #VU34818
Vulnerability risk: Medium
CVSSv3.1: 4.4 [AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:U/RC:C]
CVE-ID:
CWE-ID:
CWE-22
Exploitation vector: Local
Exploit availability: Yes
Vulnerable software:
Google Android
Operating systems & Components /
Operating system
Vendor: Google
Description
The vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences in the Android debug bridge (aka adb) in Android 4.0.4. A remote authenticated attacker can send a specially crafted HTTP request and physically proximate attackers with a direct connection to the target Android device to write to arbitrary files owned by system via a . (dot dot) in the tar archive headers.
Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versions
Google Android: 4.0.4
External links
http://packetstormsecurity.com/files/131510/ADB-Backup-Traversal-File-Overwrite.html
http://seclists.org/fulldisclosure/2015/Apr/51
http://www.securityfocus.com/bid/74211
http://android.googlesource.com/platform/frameworks/base/+/7bc601d%5E!/#F0
http://www.exploit-db.com/exploits/36813/
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.