what you don't know can hurt you
Showing 1 - 25 of 4,703 RSS Feed

Files from Ubuntu

Email addresssecurity at ubuntu.com
First Active2004-10-28
Last Active2019-07-19
Ubuntu Security Notice USN-4066-1
Posted Jul 19, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4066-1 - It was discovered that libmspack incorrectly handled certain CHM files. A remote attacker could possibly use this issue to access sensitive information.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2019-1010305
MD5 | 6800260250ac2328cef66a5e824412f6
Ubuntu Security Notice USN-4065-1
Posted Jul 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4065-1 - It was discovered that Squid incorrectly handled Digest authentication. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. It was discovered that Squid incorrectly handled Basic authentication. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.04. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-12525, CVE-2019-12527, CVE-2019-12529
MD5 | 4f76b96ab8a7b06f1886fa584c06000c
Ubuntu Security Notice USN-4064-1
Posted Jul 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4064-1 - A sandbox escape was discovered in Thunderbird. If a user were tricked in to installing a malicious language pack, an attacker could exploit this to gain additional privileges. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass same origin restrictions, conduct cross-site scripting attacks, spoof origin attributes, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, xss
systems | linux, ubuntu
advisories | CVE-2019-11709, CVE-2019-11715, CVE-2019-11717, CVE-2019-11719, CVE-2019-11729, CVE-2019-11730, CVE-2019-9811
MD5 | f7be91863a97abc792600ed7d274b78d
Ubuntu Security Notice USN-4063-1
Posted Jul 17, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4063-1 - Nils Emmerich discovered that LibreOffice incorrectly handled LibreLogo scripts. If a user were tricked into opening a specially crafted document, a remote attacker could cause LibreOffice to execute arbitrary code. Matei "Mal" Badanoiu discovered that LibreOffice incorrectly handled stealth mode. Contrary to expectations, bullet graphics could be retrieved from remote locations when running in stealth mode. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-9848, CVE-2019-9849
MD5 | 5c4a3cb496c551255388e2750ed2e624
Ubuntu Security Notice USN-4059-2
Posted Jul 17, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4059-2 - USN-4059-1 and USN-3557-1 fixed several vulnerabilities in Squid. This update provides the corresponding update for Ubuntu 12.04 ESM. Louis Dion-Marcil discovered that Squid incorrectly handled certain Edge Side Includes responses. A malicious remote server could possibly cause Squid to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-1000024, CVE-2018-1000027, CVE-2019-13345
MD5 | d94434b55f2ed5a67ffc830571769e16
Ubuntu Security Notice USN-4062-1
Posted Jul 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4062-1 - Rohan Padhye discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-1010315
MD5 | 37295b20aa73d5bf2ca6f49f1b81c87a
Ubuntu Security Notice USN-4060-2
Posted Jul 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4060-2 - USN-4060-1 fixed several vulnerabilities in nss. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Henry Corrigan-Gibbs discovered that NSS incorrectly handled importing certain curve25519 private keys. An attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-11719, CVE-2019-11729
MD5 | f36f42a446af8c0537c1e6f353b38dc2
Ubuntu Security Notice USN-4061-1
Posted Jul 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4061-1 - It was discovered that Redis incorrectly handled the hyperloglog data structure. An attacker could use this issue to cause Redis to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-10192
MD5 | 8b3193b03bab1bc31716f1268177203e
Ubuntu Security Notice USN-4060-1
Posted Jul 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4060-1 - Henry Corrigan-Gibbs discovered that NSS incorrectly handled importing certain curve25519 private keys. An attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly obtain sensitive information. Hubert Kario discovered that NSS incorrectly handled PKCS#1 v1.5 signatures when using TLSv1.3. An attacker could possibly use this issue to trick NSS into using PKCS#1 v1.5 signatures, contrary to expectations. This issue only applied to Ubuntu 19.04. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-11719, CVE-2019-11727, CVE-2019-11729
MD5 | acf4fb5b8ce93a4b59ab3ef1e3ef1c1b
Ubuntu Security Notice USN-4059-1
Posted Jul 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4059-1 - It was discovered that Squid incorrectly handled certain SNMP packets. A remote attacker could possibly use this issue to cause memory consumption, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Squid incorrectly handled the cachemgr.cgi web module. A remote attacker could possibly use this issue to conduct cross-site scripting attacks. Various other issues were also addressed.

tags | advisory, remote, web, denial of service, cgi, xss
systems | linux, ubuntu
advisories | CVE-2018-19132, CVE-2019-13345
MD5 | bf7b4c06d599e5f9a96a8cba60efc48b
Ubuntu Security Notice USN-4058-1
Posted Jul 16, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4058-1 - It was discovered that Bash incorrectly handled the restricted shell. An attacker could possibly use this issue to escape restrictions and execute any command.

tags | advisory, shell, bash
systems | linux, ubuntu
advisories | CVE-2019-9924
MD5 | 7fb315e3b1d5e09fee1ed9f654e88e7a
Ubuntu Security Notice USN-4057-1
Posted Jul 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4057-1 - Mike Salvatore discovered that Zipios mishandled certain malformed ZIP files. An attacker could use this vulnerability to cause a denial of service or consume system resources.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-13453
MD5 | dae36d4c344d8686ae8d52665972276a
Ubuntu Security Notice USN-4056-1
Posted Jul 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4056-1 - It was discovered that Exiv2 incorrectly handled certain PSD files. An attacker could possibly use this issue to cause a denial of service. It was discovered that Exiv2 incorrectly handled certain PNG files. An attacker could possibly use this issue to cause a denial of service. It was discovered that Exiv2 incorrectly handled certain CRW files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-19107, CVE-2019-13112, CVE-2019-13114
MD5 | ce37372e3ab8d7f50784568bdf00538a
Ubuntu Security Notice USN-4055-1
Posted Jul 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4055-1 - Mike Salvatore discovered that FlightCrew improperly handled certain malformed EPUB files. An attacker could potentially use this vulnerability to cause a denial of service. Mike Salvatore discovered that FlightCrew mishandled certain malformed EPUB files. An attacker could use this vulnerability to write arbitrary files to the filesystem. Mike Salvatore discovered that the version of Zipios included in FlightCrew mishandled certain malformed ZIP files. An attacker could use this vulnerability to cause a denial of service or consume system resources. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-13032, CVE-2019-13241, CVE-2019-13453
MD5 | 797b140c1d1b3f14e7a806b02c5bfedb
Ubuntu Security Notice USN-4054-1
Posted Jul 12, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4054-1 - A sandbox escape was discovered in Firefox. If a user were tricked in to installing a malicious language pack, an attacker could exploit this to gain additional privileges. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass same origin restrictions, conduct cross-site scripting attacks, conduct cross-site request forgery attacks, spoof origin attributes, spoof the addressbar contents, bypass safebrowsing protections, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, xss, csrf
systems | linux, ubuntu
advisories | CVE-2019-11709, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, CVE-2019-11715, CVE-2019-11716, CVE-2019-11717, CVE-2019-11719, CVE-2019-11720, CVE-2019-11721, CVE-2019-11724, CVE-2019-11725, CVE-2019-11727, CVE-2019-11729, CVE-2019-11730, CVE-2019-9811
MD5 | 8ea6959ed7ac020d5ddd786544d68258
Ubuntu Security Notice USN-4051-2
Posted Jul 9, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4051-2 - USN-4051-1 fixed a vulnerability in apport. This update provides the corresponding update for Ubuntu 14.04 ESM. Kevin Backhouse discovered a race-condition when reading the user's local Apport configuration. This could be used by a local attacker to cause Apport to include arbitrary files in a resulting crash report. Various other issues were also addressed.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-7307
MD5 | 733b6aa2acd3d9fb477fc75c12b7e718
Ubuntu Security Notice USN-4053-1
Posted Jul 9, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4053-1 - It was discovered that GVfs incorrectly handled the admin backend. Files created or moved by the admin backend could end up with the wrong ownership information, contrary to expectations. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04. It was discovered that GVfs incorrectly handled authentication on its private D-Bus socket. A local attacker could possibly connect to this socket and issue D-Bus calls. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-12447, CVE-2019-12449, CVE-2019-12795
MD5 | 7299d5d25ade3a7cb44bb496e5b0fbc5
Ubuntu Security Notice USN-4051-1
Posted Jul 9, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4051-1 - Kevin Backhouse discovered a race-condition when reading the user's local Apport configuration. This could be used by a local attacker to cause Apport to include arbitrary files in a resulting crash report.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-7307
MD5 | 23144505a813252b7919bf5f1a86185f
Ubuntu Security Notice USN-4052-1
Posted Jul 9, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4052-1 - Kevin Backhouse discovered Whoopsie incorrectly handled very large crash reports. A local attacker could possibly use this issue to cause a denial of service or expose sensitive information.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2019-11476
MD5 | 676f56ff3a2471481b6312ae1fb3db60
Ubuntu Security Notice USN-4049-2
Posted Jul 8, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4049-2 - USN-4049-1 fixed a vulnerability in GLib. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that GLib created directories and files without properly restricting permissions. An attacker could possibly use this issue to access sensitive information. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-13012
MD5 | 66f40a6cb412f9a48f86efbc14838758
Ubuntu Security Notice USN-4050-1
Posted Jul 8, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4050-1 - It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause ZeroMQ to crash, or possibly execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-13132
MD5 | 4d685491f2c5137cd9958f8dbcb03095
Ubuntu Security Notice USN-4049-1
Posted Jul 8, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4049-1 - It was discovered that GLib created directories and files without properly restricting permissions. An attacker could possibly use this issue to access sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-13012
MD5 | 88ce2847f17280523d80b9198539b51c
Ubuntu Security Notice USN-4048-1
Posted Jul 8, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4048-1 - Aleksa Sarai discovered that Docker was vulnerable to a directory traversal attack. An attacker could use this vulnerability to read and write arbitrary files on the host filesystem as root.

tags | advisory, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2018-15664
MD5 | 871c67e67ab749e19e22393b83603276
Ubuntu Security Notice USN-4047-1
Posted Jul 8, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4047-1 - Matthias Gerstner and Ján Tomko discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this issue to check for arbitrary files, or execute arbitrary binaries. In the default installation, attackers would be isolated by the libvirt AppArmor profile.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-10161
MD5 | 958c7958a85b06e378fab329bef5e1ea
Ubuntu Security Notice USN-4046-1
Posted Jul 7, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4046-1 - It was discovered that Irssi incorrectly handled certain disconnections. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. It was discovered that Irssi incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-7054, CVE-2019-13045
MD5 | 1dfe43f222e448ed9f244002ac7dbb22
Page 1 of 189
Back12345Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close