Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Android ICS "adb restore" directory traversal vulnerability (resending after bounce)
Jun 20 2013 02:39PM
Ariel Berkman (aberkman gmail com)
adb (Android Debug Bridge) backup/restore allows you to backup and
restore applications via adb, including system applications.
The backed up files are stored in tar.zlib (named .ab by default)
files. "adb restore" is vulnerable to a directory traversal attack. By
creating a file named
[ more ]
Copyright 2010, SecurityFocus