Exploit the possiblities
Showing 26 - 50 of 3,987 RSS Feed

Files from Ubuntu

Email addresssecurity at ubuntu.com
First Active2004-10-28
Last Active2018-02-19
Ubuntu Security Notice USN-3554-2
Posted Jan 31, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3554-2 - USN-3554-1 fixed vulnerabilities in curl. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that curl could accidentally leak authentication data. An attacker could possibly use this to get access to sensitive information. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-1000007
MD5 | cbb336ff298a6ef4206c6c5ed8192aef
Ubuntu Security Notice USN-3553-1
Posted Jan 31, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3553-1 - It was discovered that Ruby failed to validate specification names. An attacker could possibly use a maliciously crafted gem to potentially overwrite any file on the filesystem. It was discovered that Ruby was vulnerable to a DNS hijacking vulnerability. An attacker could use this to possibly force the RubyGems client to download and install gems from a server that the attacker controls. Various other issues were also addressed.

tags | advisory, ruby
systems | linux, ubuntu
advisories | CVE-2017-0901, CVE-2017-0902, CVE-2017-0903
MD5 | 9fbc460d38073ceb73302a8f256c5cbc
Ubuntu Security Notice USN-3551-1
Posted Jan 31, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3551-1 - Multiple security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the user interface, or execute arbitrary code.

tags | advisory, web, denial of service, arbitrary, spoof, javascript
systems | linux, ubuntu
advisories | CVE-2017-13884, CVE-2017-13885, CVE-2017-7153, CVE-2017-7160, CVE-2017-7161, CVE-2017-7165, CVE-2018-4088, CVE-2018-4096
MD5 | 03155ba7333222d7d3aaa92e3651eaee
Ubuntu Security Notice USN-3550-1
Posted Jan 31, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3550-1 - It was discovered that ClamAV incorrectly handled parsing certain mail messages. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that ClamAV incorrectly handled parsing certain PDF files. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-12374, CVE-2017-12375, CVE-2017-12376, CVE-2017-12377, CVE-2017-12378, CVE-2017-12379, CVE-2017-12380
MD5 | 5f3208b5b603b99222466af1acb0b1c1
Ubuntu Security Notice USN-3529-1
Posted Jan 30, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3529-1 - It was discovered that a From address encoded with a null character is cut off in the message header display. An attacker could potentially exploit this to spoof the sender address. It was discovered that it is possible to execute JavaScript in RSS feeds in some circumstances. If a user were tricked in to opening a specially crafted RSS feed, an attacker could potentially exploit this in combination with another vulnerability, in order to cause unspecified problems. Various other issues were also addressed.

tags | advisory, spoof, javascript
systems | linux, ubuntu
advisories | CVE-2017-7829, CVE-2017-7846, CVE-2017-7847, CVE-2017-7848, CVE-2018-5013, CVE-2018-5089, CVE-2018-5095, CVE-2018-5096, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5102, CVE-2018-5103, CVE-2018-5104, CVE-2018-5117
MD5 | d84c99d87e33bb182108e9d20d529f0f
Ubuntu Security Notice USN-3549-1
Posted Jan 30, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3549-1 - Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-5715, CVE-2017-5753
MD5 | e351d3919427f019b452313752353804
Ubuntu Security Notice USN-3548-2
Posted Jan 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3548-2 - USN-3548-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jay Vosburgh discovered a logic error in the x86-64 syscall entry implementation in the Linux kernel, introduced as part of the mitigations for the Spectre vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, x86, kernel, local, vulnerability
systems | linux, ubuntu
MD5 | 0d470581592ec8daa7fabea36ed96c69
Ubuntu Security Notice USN-3548-1
Posted Jan 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3548-1 - Jay Vosburgh discovered a logic error in the x86-64 syscall entry implementation in the Linux kernel, introduced as part of the mitigations for the Spectre vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, x86, kernel, local
systems | linux, ubuntu
MD5 | 98e4af140782a4a6f1256006225407f0
Ubuntu Security Notice USN-3547-1
Posted Jan 25, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3547-1 - It was discovered that Libtasn1 incorrectly handled certain files. If a user were tricked into opening a crafted file, an attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. It was discovered that Libtasn1 incorrectly handled certain inputs. An attacker could possibly use this to cause Libtasn1 to hang, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2017-10790, CVE-2018-6003
MD5 | f03cb026d4c3bae88271577c36f63c20
Ubuntu Security Notice USN-3537-2
Posted Jan 25, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3537-2 - USN-3537-1 fixed vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 12.04 ESM. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.59 in Ubuntu 12.04 ESM LTS. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-2562, CVE-2018-2622, CVE-2018-2640, CVE-2018-2665, CVE-2018-2668
MD5 | 241168a296a06cc7580d1d772b065587
Ubuntu Security Notice USN-3544-1
Posted Jan 25, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3544-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, spoof the origin in audio capture prompts, trick the user in to providing HTTP credentials for another origin, spoof the addressbar contents, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, web, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2018-5089, CVE-2018-5090, CVE-2018-5091, CVE-2018-5092, CVE-2018-5093, CVE-2018-5094, CVE-2018-5095, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5100, CVE-2018-5101, CVE-2018-5102, CVE-2018-5103, CVE-2018-5104, CVE-2018-5105, CVE-2018-5106, CVE-2018-5107, CVE-2018-5108, CVE-2018-5109, CVE-2018-5111, CVE-2018-5112, CVE-2018-5113, CVE-2018-5114, CVE-2018-5115, CVE-2018-5116, CVE-2018-5117, CVE-2018-5118
MD5 | 3512dddb5483e5d2d278b7c8faf4c5d7
Ubuntu Security Notice USN-3546-1
Posted Jan 25, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3546-1 - Richard Hughes discovered that gcab incorrectly handled certain malformed cabinet files. If a user or automated system were tricked into opening a specially crafted cabinet file, a remote attacker could use this issue to cause gcab to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-5345
MD5 | 56ed41a81c3cfde6f6f4eac5ad6ed18b
Ubuntu Security Notice USN-3543-2
Posted Jan 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3543-2 - USN-3543-1 fixed vulnerabilities in rsync. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that rsync incorrectly handled certain data input. An attacker could possibly use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-16548, CVE-2018-5764
MD5 | b7f4012e21983e77a86ee662f8b50bb3
Ubuntu Security Notice USN-3543-1
Posted Jan 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3543-1 - It was discovered that rsync incorrectly handled certain data input. An attacker could possibly use this to cause a denial of service or execute arbitrary code. It was discovered that rsync incorrectly parsed certain arguments. An attacker could possibly use this to bypass arguments and execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-16548, CVE-2018-5764
MD5 | 6a7d5c1711b70ccf0fd32fc7fa9be944
Ubuntu Security Notice USN-3541-2
Posted Jan 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3541-2 - USN-3541-1 addressed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations for the i386 , amd64, ppc64el, and s390x architectures. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-5715, CVE-2017-5753, CVE-2017-5754
MD5 | 291d28710246bff8a81bbd02f296fde8
Ubuntu Security Notice USN-3542-2
Posted Jan 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3542-2 - USN-3542-1 addressed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations for the i386 and amd64 architectures. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-5715, CVE-2017-5753
MD5 | 346bb8be0070ef6410771167a6a887b1
Ubuntu Security Notice USN-3540-2
Posted Jan 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3540-2 - USN-3540-1 addressed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations for the i386 , amd64, ppc64el, and s390x architectures. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-5715, CVE-2017-5753, CVE-2017-5754
MD5 | 5604062afa06e52a2f671c515ed00022
Ubuntu Security Notice USN-3542-1
Posted Jan 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3542-1 - Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations for the i386 and amd64 architectures.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-5715, CVE-2017-5753
MD5 | 41674a2062e24cf04eb13a57feda1988
Ubuntu Security Notice USN-3541-1
Posted Jan 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3541-1 - Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations for the i386 , amd64, ppc64el, and s390x architectures. USN-3523-1 mitigated CVE-2017-5754 for the amd64 architecture in Ubuntu 17.10. This update provides the corresponding mitigations for the ppc64el architecture. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-5715, CVE-2017-5753, CVE-2017-5754
MD5 | 69072e250aabea00e31d00651148ced7
Ubuntu Security Notice USN-3540-1
Posted Jan 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3540-1 - Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations for the i386 , amd64, ppc64el, and s390x architectures. USN-3522-1 mitigated CVE-2017-5754 for the amd64 architecture in Ubuntu 16.04 LTS. This update provides the corresponding mitigations for the ppc64el architecture. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-5715, CVE-2017-5753, CVE-2017-5754
MD5 | 7e06ecbb56d7da89a0084ba43fb89939
Ubuntu Security Notice USN-3539-1
Posted Jan 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3539-1 - It was discovered that GIMP incorrectly handled certain images. If a user were tricked into opening a specially crafted image, an attacker could possibly use this to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-17784, CVE-2017-17785, CVE-2017-17786, CVE-2017-17787, CVE-2017-17788, CVE-2017-17789
MD5 | af9852c135d61d95dd05d59f984170de
Ubuntu Security Notice USN-3538-1
Posted Jan 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3538-1 - Jann Horn discovered that OpenSSH incorrectly loaded PKCS#11 modules from untrusted directories. A remote attacker could possibly use this issue to execute arbitrary PKCS#11 modules. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Jann Horn discovered that OpenSSH incorrectly handled permissions on Unix-domain sockets when privilege separation is disabled. A local attacker could possibly use this issue to gain privileges. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, remote, arbitrary, local
systems | linux, unix, ubuntu
advisories | CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2017-15906
MD5 | b38f34db0e15c7e599d23d4349fda45d
Ubuntu Security Notice USN-3537-1
Posted Jan 22, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3537-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.59 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, and Ubuntu 17.10 have been updated to MySQL 5.7.21. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2018-2562, CVE-2018-2565, CVE-2018-2573, CVE-2018-2576, CVE-2018-2583, CVE-2018-2586, CVE-2018-2590, CVE-2018-2600, CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2645, CVE-2018-2646, CVE-2018-2647, CVE-2018-2665, CVE-2018-2667, CVE-2018-2668, CVE-2018-2696, CVE-2018-2703
MD5 | 82a01701711c492abceea0ded68d6bff
Ubuntu Security Notice USN-3531-2
Posted Jan 22, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3531-2 - USN-3531-1 updated Intel microcode to the 20180108 release. Regressions were discovered in the microcode updates which could cause system instability on certain hardware platforms. At the request of Intel, we have reverted to the previous packaged microcode version, the 20170707 release. It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides the microcode updates required for the corresponding Linux kernel updates. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-5715
MD5 | 0835473431422f7929814224db8f57ff
Ubuntu Security Notice USN-3536-1
Posted Jan 18, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3536-1 - It was discovered that the GNU C library did not properly handle all of the possible return values from the kernel getcwd syscall. A local attacker could potentially exploit this to execute arbitrary code in setuid programs and gain administrative privileges.

tags | advisory, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-1000001
MD5 | 8c4667c2973230ddb616da2d0fb05e48
Page 2 of 160
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

February 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    15 Files
  • 2
    Feb 2nd
    15 Files
  • 3
    Feb 3rd
    15 Files
  • 4
    Feb 4th
    13 Files
  • 5
    Feb 5th
    16 Files
  • 6
    Feb 6th
    15 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    15 Files
  • 9
    Feb 9th
    18 Files
  • 10
    Feb 10th
    8 Files
  • 11
    Feb 11th
    8 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    15 Files
  • 14
    Feb 14th
    15 Files
  • 15
    Feb 15th
    17 Files
  • 16
    Feb 16th
    18 Files
  • 17
    Feb 17th
    37 Files
  • 18
    Feb 18th
    2 Files
  • 19
    Feb 19th
    11 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close