Exploit the possiblities
Showing 26 - 50 of 3,901 RSS Feed

Files from Ubuntu

Email addresssecurity at ubuntu.com
First Active2004-10-28
Last Active2017-12-09
Ubuntu Security Notice USN-3496-1
Posted Nov 28, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3496-1 - It was discovered that Python incorrectly handled decoding certain strings. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary, python
systems | linux, ubuntu
advisories | CVE-2017-1000158
MD5 | 41b98a01dccbfb51a73270c60534efa7
Ubuntu Security Notice USN-3477-2
Posted Nov 27, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3477-2 - USN-3477-1 fixed vulnerabilities in Firefox. The update caused search suggestions to not be displayed when performing Google searches from the search bar. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, bypass same-origin restrictions, bypass CSP protections, bypass mixed content blocking, spoof the addressbar, or execute arbitrary code. It was discovered that javascript: URLs pasted in to the addressbar would be executed instead of being blocked in some circumstances. If a user were tricked in to copying a specially crafted URL in to the addressbar, an attacker could potentially exploit this to conduct cross-site scripting attacks. It was discovered that exported bookmarks do not strip script elements from user-supplied tags. If a user were tricked in to adding specially crafted tags to bookmarks, exporting them and then opening the resulting HTML file, an attacker could potentially exploit this to conduct cross-site scripting attacks. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, javascript, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2017-7828, CVE-2017-7830, CVE-2017-7831, CVE-2017-7832, CVE-2017-7833, CVE-2017-7834, CVE-2017-7835, CVE-2017-7837, CVE-2017-7838, CVE-2017-7839, CVE-2017-7840, CVE-2017-7842
MD5 | 6cdcaf4a995ce8dd8f0d4dc8e6b43d6b
Ubuntu Security Notice USN-3495-1
Posted Nov 27, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3495-1 - It was discovered that OptiPNG incorrectly handled memory. A remote attacker could use this issue with a specially crafted image file to cause OptiPNG to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-1000229
MD5 | 8ca2f9f87976d7e5cc17ac54c1ada204
Ubuntu Security Notice USN-3494-1
Posted Nov 27, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3494-1 - It was discovered that XML::LibXML incorrectly handled memory when processing a replaceChild call. A remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-10672
MD5 | 4d10bef8b7f501f4c8cf320aa04f1117
Ubuntu Security Notice USN-3493-1
Posted Nov 27, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3493-1 - It was discovered that Exim incorrectly handled memory in the ESMTP CHUNKING extension. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-16943
MD5 | 2bd0e6e8f8c7ebdceaa13a9f3c6466e7
Ubuntu Security Notice USN-3476-2
Posted Nov 27, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3476-2 - USN-3476-1 fixed two vulnerabilities in postgresql-common. This update provides the corresponding update for Ubuntu 12.04 ESM. Dawid Golunski discovered that the postgresql-common pg_ctlcluster script incorrectly handled symlinks. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-1255, CVE-2017-8806
MD5 | 516949c3cc678726f2ab1d952e928051
Ubuntu Security Notice USN-3492-1
Posted Nov 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3492-1 - It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-3885, CVE-2015-8366, CVE-2015-8367, CVE-2017-13735, CVE-2017-14265, CVE-2017-14348, CVE-2017-14608, CVE-2017-6886, CVE-2017-6887
MD5 | 83a33557f818dec42d9496c8584b77fb
Ubuntu Security Notice USN-3491-1
Posted Nov 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3491-1 - Leon Weber discovered that the ldns-keygen tool incorrectly set permissions on private keys. A local attacker could possibly use this issue to obtain generated private keys. This issue only applied to Ubuntu 14.04 LTS. Stephan Zeisberg discovered that ldns incorrectly handled memory when processing data. A remote attacker could use this issue to cause ldns to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2014-3209, CVE-2017-1000231, CVE-2017-1000232
MD5 | 0e16712d882fe0fc0b09cee7026d8582
Ubuntu Security Notice USN-3489-2
Posted Nov 22, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3489-2 - USN-3489-1 fixed a vulnerability in Berkeley DB. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Berkeley DB incorrectly handled certain configuration files. An attacker could possibly use this issue to read sensitive information. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2017-10140
MD5 | 88bdcc6c1a9db76bfe55829862222bc9
Ubuntu Security Notice USN-3489-1
Posted Nov 22, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3489-1 - It was discovered that Berkeley DB incorrectly handled certain configuration files. An attacker could possibly use this issue to read sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2017-10140
MD5 | 35984ce6dc03eb352f87f7471664c162
Ubuntu Security Notice USN-3485-3
Posted Nov 22, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3485-3 - It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Eric Biggers discovered that the key management subsystem in the Linux kernel did not properly restrict adding a key that already exists but is uninstantiated. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-15265, CVE-2017-15299, CVE-2017-15649, CVE-2017-15951, CVE-2017-16525, CVE-2017-16526, CVE-2017-16527, CVE-2017-16529, CVE-2017-16530, CVE-2017-16531, CVE-2017-16533, CVE-2017-16534, CVE-2017-16535
MD5 | b42a8de1b5ec762ade00ecbe31f381cf
Ubuntu Security Notice USN-3488-1
Posted Nov 22, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3488-1 - It was discovered that the KVM subsystem in the Linux kernel did not properly keep track of nested levels in guest page tables. A local attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code in the host OS.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-12188
MD5 | d34cb4725ea351f0b767b2b909e12fa3
Ubuntu Security Notice USN-3487-1
Posted Nov 22, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3487-1 - It was discovered that the KVM subsystem in the Linux kernel did not properly keep track of nested levels in guest page tables. A local attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code in the host OS. It was discovered that on the PowerPC architecture, the kernel did not properly sanitize the signal stack when handling sigreturn. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000255, CVE-2017-12153, CVE-2017-12154, CVE-2017-12188, CVE-2017-12190, CVE-2017-12192, CVE-2017-14156, CVE-2017-14489, CVE-2017-14954, CVE-2017-15265, CVE-2017-15537, CVE-2017-15649, CVE-2017-16525, CVE-2017-16526, CVE-2017-16527, CVE-2017-16529, CVE-2017-16530, CVE-2017-16531, CVE-2017-16533, CVE-2017-16534
MD5 | 7ad11b332e12a1efd657b9f496e49a87
Ubuntu Security Notice USN-3484-3
Posted Nov 22, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3484-3 - It was discovered that the KVM subsystem in the Linux kernel did not properly keep track of nested levels in guest page tables. A local attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code in the host OS.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-12188
MD5 | 66bacd47a663c0d54ece524add84d230
Ubuntu Security Notice USN-3486-2
Posted Nov 21, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3486-2 - USN-3486-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM. Volker Lendecke discovered that Samba incorrectly cleared memory when returning data to a client. A remote attacker could possibly use this issue to obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2017-15275
MD5 | a0f5315cd609a4736f577b649ec1843d
Ubuntu Security Notice USN-3486-1
Posted Nov 21, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3486-1 - Yihan Lian and Zhibin Hu discovered that Samba incorrectly handled memory when processing certain SMB1 requests. A remote attacker could possibly use this issue to execute arbitrary code. Volker Lendecke discovered that Samba incorrectly cleared memory when returning data to a client. A remote attacker could possibly use this issue to obtain sensitive information.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-14746, CVE-2017-15275
MD5 | 8fa08470f846483b1b653d87a9ae18e1
Ubuntu Security Notice USN-3483-2
Posted Nov 21, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3483-2 - USN-3483-1 fixed a vulnerability in procmail. This update provides the corresponding update for Ubuntu 12.04 ESM. Jakub Wilk discovered that the formail tool incorrectly handled certain malformed mail messages. An attacker could use this flaw to cause formail to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-16844
MD5 | 836e0dd8e3cbe0a7357e84930c695d35
Ubuntu Security Notice USN-3485-2
Posted Nov 20, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3485-2 - USN-3485-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-15265, CVE-2017-15299, CVE-2017-15649, CVE-2017-15951, CVE-2017-16525, CVE-2017-16526, CVE-2017-16527, CVE-2017-16529, CVE-2017-16530, CVE-2017-16531, CVE-2017-16533, CVE-2017-16534, CVE-2017-16535
MD5 | 5d93020024e24d68a43b1db5e4571ef0
Ubuntu Security Notice USN-3485-1
Posted Nov 20, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3485-1 - It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Eric Biggers discovered that the key management subsystem in the Linux kernel did not properly restrict adding a key that already exists but is uninstantiated. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-15265, CVE-2017-15299, CVE-2017-15649, CVE-2017-15951, CVE-2017-16525, CVE-2017-16526, CVE-2017-16527, CVE-2017-16529, CVE-2017-16530, CVE-2017-16531, CVE-2017-16533, CVE-2017-16534, CVE-2017-16535
MD5 | 04e7255785511894b9481aaf658d47a8
Ubuntu Security Notice USN-3484-2
Posted Nov 20, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3484-2 - USN-3484-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. It was discovered that the KVM subsystem in the Linux kernel did not properly keep track of nested levels in guest page tables. A local attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code in the host OS. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-12188
MD5 | 19e4db7ada05df9747621fb71935501e
Ubuntu Security Notice USN-3484-1
Posted Nov 20, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3484-1 - It was discovered that the KVM subsystem in the Linux kernel did not properly keep track of nested levels in guest page tables. A local attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code in the host OS.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-12188
MD5 | 4e3b827121d1541ad1c6d68c8831039e
Ubuntu Security Notice USN-3480-2
Posted Nov 20, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3480-2 - USN-3480-1 fixed vulnerabilities in Apport. The fix for CVE-2017-14177 introduced a regression in the ability to handle crashes for users that configured their systems to use the Upstart init system in Ubuntu 16.04 LTS and Ubuntu 17.04. The fix for CVE-2017-14180 temporarily disabled crash forwarding to containers. This update addresses the problems. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-14177, CVE-2017-14180
MD5 | 187d13705d588506b1f9efb92a04f86a
Ubuntu Security Notice USN-3483-1
Posted Nov 20, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3483-1 - Jakub Wilk discovered that the formail tool incorrectly handled certain malformed mail messages. An attacker could use this flaw to cause formail to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-16844
MD5 | 6b1a28393ccb7967f9b1e090c2b4aff9
Ubuntu Security Notice USN-3482-1
Posted Nov 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3482-1 - It was discovered that racoon, the ipsec-tools IKE daemon, incorrectly handled certain ISAKMP fragments. A remote attacker could use this issue to cause racoon to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2016-10396
MD5 | c03a17de47f9086226a6a0912badf93f
Ubuntu Security Notice USN-3477-1
Posted Nov 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3477-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, bypass same-origin restrictions, bypass CSP protections, bypass mixed content blocking, spoof the addressbar, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2017-7826, CVE-2017-7827, CVE-2017-7828, CVE-2017-7830, CVE-2017-7831, CVE-2017-7832, CVE-2017-7833, CVE-2017-7834, CVE-2017-7835, CVE-2017-7837, CVE-2017-7838, CVE-2017-7839, CVE-2017-7840, CVE-2017-7842
MD5 | 5ed2b9f8c90425388420326b5e31775d
Page 2 of 156
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    33 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close