exploit the possibilities
Showing 26 - 50 of 5,371 RSS Feed

Files from Ubuntu

Email addresssecurity at ubuntu.com
First Active2004-10-28
Last Active2020-10-21
Ubuntu Security Notice USN-4567-1
Posted Oct 6, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4567-1 - It was discovered that OpenDMARC is prone to a signature-bypass vulnerability with multiple "From:" addresses. An attacker could use it to bypass spam and abuse filters.

tags | advisory, bypass
systems | linux, ubuntu
advisories | CVE-2019-16378
MD5 | a2e9268df566af8fb0bbf4f25c5f5e29
Ubuntu Security Notice USN-4566-1
Posted Oct 6, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4566-1 - It was discovered that Cyrus IMAP Server could execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name. An attacker could use this vulnerability to cause a crash or possibly execute arbitrary code. It was discovered that the Cyrus IMAP Server allow users to create any mailbox with administrative privileges. A local attacker could use this to obtain sensitive information. Various other issues were also addressed.

tags | advisory, web, arbitrary, local, imap
systems | linux, ubuntu
advisories | CVE-2019-11356, CVE-2019-19783
MD5 | 24a0f0b0c12ffc0d122c2f3854f8df99
Ubuntu Security Notice USN-4565-1
Posted Oct 6, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4565-1 - It was discovered that OpenConnect has a buffer overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes. An attacker could use it to provoke a denial of service.

tags | advisory, web, denial of service, overflow
systems | linux, ubuntu
advisories | CVE-2019-16239
MD5 | 414bf529f860a809a39b585c211f127f
Ubuntu Security Notice USN-4564-1
Posted Oct 6, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4564-1 - It was discovered that Apache Tika can have an excessive memory usage by using a crafted or corrupt PSD file. An attacker could use it to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2020-1950
MD5 | 4e06099738e8627335558f73c553a534
Ubuntu Security Notice USN-4571-1
Posted Oct 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4571-1 - It was discovered that rack-cors did not properly handle relative file paths. An attacker could use this vulnerability to access arbitrary files.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-18978
MD5 | 3792c9ba4991a2361f83302e19df622d
Ubuntu Security Notice USN-4570-1
Posted Oct 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4570-1 - It was discovered that urllib3 incorrectly handled certain character sequences. A remote attacker could possibly use this issue to perform CRLF injection.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-26137
MD5 | 94d0262eabdbd307023dc56562e3ca2e
Ubuntu Security Notice USN-4568-1
Posted Oct 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4568-1 - It was discovered that Brotli incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-8927
MD5 | cd338bab79a09cb37fa2330bc5282b74
Ubuntu Security Notice USN-4569-1
Posted Oct 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4569-1 - It was discovered that Yaws did not properly sanitize XML input. A remote attacker could use this vulnerability to execute an XML External Entity injection attack. It was discovered that Yaws mishandled certain input when running CGI scripts. A remote attacker could use this vulnerability to execute arbitrary commands.

tags | advisory, remote, arbitrary, cgi
systems | linux, ubuntu
advisories | CVE-2020-24379, CVE-2020-24916
MD5 | b57e1fe6c87cc3eebc0b2bd7a99b1ee1
Ubuntu Security Notice USN-4563-1
Posted Oct 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4563-1 - It was discovered that the fix for CVE-2018-7182 introduced a NULL pointer dereference into NTP. An attacker could use this vulnerability to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-8936
MD5 | b9934375d7ec3f0ca1b14ac7a67351c1
Ubuntu Security Notice USN-4562-1
Posted Oct 1, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4562-1 - It was discovered that kramdown insecurely handled certain crafted input. An attacker could use this vulnerability to read restricted files or execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-14001
MD5 | ebf1cdf60c7f8611d34ce58ab46f6a1c
Ubuntu Security Notice USN-4561-1
Posted Oct 1, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4561-1 - It was discovered that Rack incorrectly handled certain paths. An attacker could possibly use this issue to obtain sensitive information. It was discovered that Rack incorrectly validated cookies. An attacker could possibly use this issue to forge a secure cookie.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-8161, CVE-2020-8184
MD5 | 1647278df1e467bf98dbfb76e8bf528f
Ubuntu Security Notice USN-4560-1
Posted Sep 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4560-1 - It was discovered that Gon gem did not properly escape certain input. An attacker could use this vulnerability to execute a cross-site scripting attack.

tags | advisory, xss
systems | linux, ubuntu
advisories | CVE-2020-25739
MD5 | 4d11001b45a8a1e03d7bfd7ed8e32e6e
Ubuntu Security Notice USN-4559-1
Posted Sep 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4559-1 - Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. A remote attacker could use this issue to forge an authentication token and steal the credentials of the domain admin. While a previous security update fixed the issue by changing the "server schannel" setting to default to "yes", instead of "auto", which forced a secure netlogon channel, this update provides additional improvements. Various other issues were also addressed.

tags | advisory, remote, protocol
systems | linux, ubuntu
advisories | CVE-2020-1472
MD5 | f57c43c56dc64d4f2d620467cfd5a8fc
Ubuntu Security Notice USN-4557-1
Posted Sep 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4557-1 - It was discovered that the Tomcat realm implementations incorrectly handled passwords when a username didn't exist. A remote attacker could possibly use this issue to enumerate usernames. Alvaro Munoz and Alexander Mirosh discovered that Tomcat incorrectly limited use of a certain utility method. A malicious application could possibly use this to bypass Security Manager restrictions. It was discovered that Tomcat incorrectly controlled reading system properties. A malicious application could possibly use this to bypass Security Manager restrictions. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2016-0762, CVE-2016-5018, CVE-2016-6794, CVE-2016-6796, CVE-2016-6797, CVE-2016-6816, CVE-2016-8735
MD5 | a8c32c42978a0fc017c17a327e2e5b01
Ubuntu Security Notice USN-4558-1
Posted Sep 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4558-1 - It was discovered that libapreq2 did not properly sanitize the Content-Type field in certain, crafted HTTP requests. An attacker could use this vulnerability to cause libapreq2 to crash.

tags | advisory, web
systems | linux, ubuntu
advisories | CVE-2019-12412
MD5 | 9c892d7f5d379e3152a26205604b5b0d
Ubuntu Security Notice USN-4556-1
Posted Sep 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4556-1 - It was discovered that netqmail did not properly handle certain input. Both remote and local attackers could use this vulnerability to cause netqmail to crash or execute arbitrary code. It was discovered that netqmail did not properly handle certain input when validating email addresses. An attacker could use this to bypass email address validation. Various other issues were also addressed.

tags | advisory, remote, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2005-1513, CVE-2005-1515, CVE-2020-3811, CVE-2020-3812
MD5 | acc8c2f4c28a224574408a5870713fdf
Ubuntu Security Notice USN-4547-2
Posted Sep 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4547-2 - It was discovered that the LibVNCClient vendored in SSVNC incorrectly handled certain packet lengths. A remote attacker could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-20020
MD5 | 10e3d0622f2e336e51652caf06b7cf9d
Ubuntu Security Notice USN-4554-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4554-1 - It was discovered that libPGF lacked proper validation when opening a specially crafted PGF file. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2015-6673
MD5 | bfc4216986a760d149d77f8c6b30546b
Ubuntu Security Notice USN-4553-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4553-1 - It was discovered that Teeworlds server did not properly handler certain network traffic. A remote, unauthenticated attacker could use this vulnerability to cause Teeworlds server to crash.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-12066
MD5 | 67e2f0aab1a5f038566b1636c11f252b
Ubuntu Security Notice USN-4552-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4552-1 - Malte Kraus discovered that Pam-python mishandled certain environment variables. A local attacker could potentially use this vulnerability to execute programs as root.

tags | advisory, local, root, python
systems | linux, ubuntu
advisories | CVE-2019-16729
MD5 | 9b50a0e88882a3a241628e82fb4462d0
Ubuntu Security Notice USN-4550-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4550-1 - Ryan Hall discovered that DPDK incorrectly handled vhost crypto. An attacker inside a guest could use these issues to perform multiple attacks, including denial of service attacks, obtaining sensitive information from the host, and possibly executing arbitrary code on the host.

tags | advisory, denial of service, arbitrary, crypto
systems | linux, ubuntu
advisories | CVE-2020-14374, CVE-2020-14378
MD5 | 078d6a4237c00a31ffbd2417dbef8c6b
Ubuntu Security Notice USN-4551-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4551-1 - Alex Rousskov and Amit Klein discovered that Squid incorrectly handled certain Content-Length headers. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. Amit Klein discovered that Squid incorrectly validated certain data. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. Various other issues were also addressed.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2020-15049, CVE-2020-15810, CVE-2020-15811, CVE-2020-24606
MD5 | 3eafffe142c5a1479c54fa5c9e297c33
Ubuntu Security Notice USN-4547-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4547-1 - It was discovered that an information disclosure vulnerability existed in the LibVNCServer vendored in iTALC when sending a ServerCutText message. An attacker could possibly use this issue to expose sensitive information. It was discovered that the LibVNCServer and LibVNCClient vendored in iTALC incorrectly handled certain packet lengths. A remote attacker could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, info disclosure
systems | linux, ubuntu
advisories | CVE-2018-15127, CVE-2018-20022, CVE-2018-20023, CVE-2018-20024, CVE-2018-20749, CVE-2018-7225, CVE-2019-15681
MD5 | 9922e4b06254766557616cfff60d0f5a
Ubuntu Security Notice USN-4548-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4548-1 - It was discovered that libuv incorrectly handled certain paths. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-8252
MD5 | 832078b9dd177bb1e72d7406a5622c23
Ubuntu Security Notice USN-4549-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4549-1 - It was discovered that ImageMagick incorrectly handled certain specially crafted image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or other unspecified impact.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-19948
MD5 | 2b0f47f2e4fb8160b47c063317689024
Page 2 of 215
Back12345Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    15 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close