Exploit the possiblities
Showing 51 - 75 of 3,938 RSS Feed

Files from Ubuntu

Email addresssecurity at ubuntu.com
First Active2004-10-28
Last Active2018-01-18
Ubuntu Security Notice USN-3504-2
Posted Dec 5, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3504-2 - USN-3504-1 fixed a vulnerability in libxml2. This update provides the corresponding update for Ubuntu 12.04 ESM. Wei Lei discovered that libxml2 incorrecty handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2017-16932
MD5 | ac546ea4fe8b36423b1f4cf2d396fb07
Ubuntu Security Notice USN-3503-1
Posted Dec 4, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3503-1 - It was discovered that Evince incorrectly handled printing certain DVI files. If a user were tricked into opening and printing a specially-named DVI file, an attacker could use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-1000159
MD5 | ebb5ce7bbc80b14cfd7841dd50f31b12
Ubuntu Security Notice USN-3498-2
Posted Dec 4, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3498-2 - USN-3498-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that curl incorrectly handled FTP wildcard matching. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-8817
MD5 | 26d30b6c5e75b0330e6d2d9aa3568ea6
Ubuntu Security Notice USN-3490-1
Posted Dec 1, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3490-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing-like context, an attacker could potentially exploit these to bypass same-origin restrictions, cause a denial of service via application crash, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-7826, CVE-2017-7828, CVE-2017-7830
MD5 | c76bb02f347dde049641240fde17791e
Ubuntu Security Notice USN-3477-3
Posted Dec 1, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3477-3 - USN-3477-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, bypass same-origin restrictions, bypass CSP protections, bypass mixed content blocking, spoof the addressbar, or execute arbitrary code. It was discovered that javascript: URLs pasted in to the addressbar would be executed instead of being blocked in some circumstances. If a user were tricked in to copying a specially crafted URL in to the addressbar, an attacker could potentially exploit this to conduct cross-site scripting attacks. It was discovered that exported bookmarks do not strip script elements from user-supplied tags. If a user were tricked in to adding specially crafted tags to bookmarks, exporting them and then opening the resulting HTML file, an attacker could potentially exploit this to conduct cross-site scripting attacks. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, javascript, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2017-7828, CVE-2017-7830, CVE-2017-7831, CVE-2017-7832, CVE-2017-7833, CVE-2017-7834, CVE-2017-7835, CVE-2017-7837, CVE-2017-7838, CVE-2017-7839, CVE-2017-7840, CVE-2017-7842
MD5 | 998ce8623ace567ce271665c533d0819
Ubuntu Security Notice USN-3499-1
Posted Nov 29, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3499-1 - It was discovered that Exim incorrectly handled certain BDAT data headers. A remote attacker could possibly use this issue to cause Exim to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-16944
MD5 | 76413a0a0b86941ed4c9ab6ea5adcb1a
Ubuntu Security Notice USN-3501-1
Posted Nov 29, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3501-1 - It was discovered that libxcursor incorrectly handled certain files. An attacker could use these issues to cause libxcursor to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-16612
MD5 | dcb5463838fcb70c44bb92e443ba7eea
Ubuntu Security Notice USN-3500-1
Posted Nov 29, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3500-1 - It was discovered that libXfont incorrectly followed symlinks when opening font files. A local unprivileged user could use this issue to cause the X server to access arbitrary files, including special device files.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2017-16611
MD5 | 2b2de1eb031ae49f268ff9aee4ea6ea6
Ubuntu Security Notice USN-3498-1
Posted Nov 29, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3498-1 - Alex Nichols discovered that curl incorrectly handled NTLM authentication credentials. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 17.04 and Ubuntu 17.10. It was discovered that curl incorrectly handled FTP wildcard matching. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-8816, CVE-2017-8817
MD5 | 41cead7dc230ab023b565d109b9d6985
Ubuntu Security Notice USN-3497-1
Posted Nov 29, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3497-1 - It was discovered that the Smart Card IO subsystem in OpenJDK did not properly maintain state. An attacker could use this to specially construct an untrusted Java application or applet to gain access to a smart card, bypassing sandbox restrictions. Gaston Traberg discovered that the Serialization component of OpenJDK did not properly limit the amount of memory allocated when performing deserializations. An attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, java, denial of service
systems | linux, ubuntu
advisories | CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10295, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388
MD5 | 8d8eb129033011bab0cea2ab92f4f64c
Ubuntu Security Notice USN-3496-3
Posted Nov 28, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3496-3 - USN-3496-1 fixed a vulnerability in Python2.7. This update provides the corresponding update for versions 3.4 and 3.5. It was discovered that Python incorrectly handled decoding certain strings. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.

tags | advisory, arbitrary, python
systems | linux, ubuntu
advisories | CVE-2017-1000158
MD5 | f941682c699f5113e70fcf5b8841ab5e
Ubuntu Security Notice USN-3496-2
Posted Nov 28, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3496-2 - USN-3496-1 fixed a vulnerability in Python. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Python incorrectly handled decoding certain strings. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.

tags | advisory, arbitrary, python
systems | linux, ubuntu
advisories | CVE-2017-1000158
MD5 | 6d06d0cdd588c0582cf4b147440fd9a8
Ubuntu Security Notice USN-3496-1
Posted Nov 28, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3496-1 - It was discovered that Python incorrectly handled decoding certain strings. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary, python
systems | linux, ubuntu
advisories | CVE-2017-1000158
MD5 | 41b98a01dccbfb51a73270c60534efa7
Ubuntu Security Notice USN-3477-2
Posted Nov 27, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3477-2 - USN-3477-1 fixed vulnerabilities in Firefox. The update caused search suggestions to not be displayed when performing Google searches from the search bar. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, bypass same-origin restrictions, bypass CSP protections, bypass mixed content blocking, spoof the addressbar, or execute arbitrary code. It was discovered that javascript: URLs pasted in to the addressbar would be executed instead of being blocked in some circumstances. If a user were tricked in to copying a specially crafted URL in to the addressbar, an attacker could potentially exploit this to conduct cross-site scripting attacks. It was discovered that exported bookmarks do not strip script elements from user-supplied tags. If a user were tricked in to adding specially crafted tags to bookmarks, exporting them and then opening the resulting HTML file, an attacker could potentially exploit this to conduct cross-site scripting attacks. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, javascript, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2017-7828, CVE-2017-7830, CVE-2017-7831, CVE-2017-7832, CVE-2017-7833, CVE-2017-7834, CVE-2017-7835, CVE-2017-7837, CVE-2017-7838, CVE-2017-7839, CVE-2017-7840, CVE-2017-7842
MD5 | 6cdcaf4a995ce8dd8f0d4dc8e6b43d6b
Ubuntu Security Notice USN-3495-1
Posted Nov 27, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3495-1 - It was discovered that OptiPNG incorrectly handled memory. A remote attacker could use this issue with a specially crafted image file to cause OptiPNG to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-1000229
MD5 | 8ca2f9f87976d7e5cc17ac54c1ada204
Ubuntu Security Notice USN-3494-1
Posted Nov 27, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3494-1 - It was discovered that XML::LibXML incorrectly handled memory when processing a replaceChild call. A remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-10672
MD5 | 4d10bef8b7f501f4c8cf320aa04f1117
Ubuntu Security Notice USN-3493-1
Posted Nov 27, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3493-1 - It was discovered that Exim incorrectly handled memory in the ESMTP CHUNKING extension. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-16943
MD5 | 2bd0e6e8f8c7ebdceaa13a9f3c6466e7
Ubuntu Security Notice USN-3476-2
Posted Nov 27, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3476-2 - USN-3476-1 fixed two vulnerabilities in postgresql-common. This update provides the corresponding update for Ubuntu 12.04 ESM. Dawid Golunski discovered that the postgresql-common pg_ctlcluster script incorrectly handled symlinks. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-1255, CVE-2017-8806
MD5 | 516949c3cc678726f2ab1d952e928051
Ubuntu Security Notice USN-3492-1
Posted Nov 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3492-1 - It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-3885, CVE-2015-8366, CVE-2015-8367, CVE-2017-13735, CVE-2017-14265, CVE-2017-14348, CVE-2017-14608, CVE-2017-6886, CVE-2017-6887
MD5 | 83a33557f818dec42d9496c8584b77fb
Ubuntu Security Notice USN-3491-1
Posted Nov 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3491-1 - Leon Weber discovered that the ldns-keygen tool incorrectly set permissions on private keys. A local attacker could possibly use this issue to obtain generated private keys. This issue only applied to Ubuntu 14.04 LTS. Stephan Zeisberg discovered that ldns incorrectly handled memory when processing data. A remote attacker could use this issue to cause ldns to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2014-3209, CVE-2017-1000231, CVE-2017-1000232
MD5 | 0e16712d882fe0fc0b09cee7026d8582
Ubuntu Security Notice USN-3489-2
Posted Nov 22, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3489-2 - USN-3489-1 fixed a vulnerability in Berkeley DB. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Berkeley DB incorrectly handled certain configuration files. An attacker could possibly use this issue to read sensitive information. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2017-10140
MD5 | 88bdcc6c1a9db76bfe55829862222bc9
Ubuntu Security Notice USN-3489-1
Posted Nov 22, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3489-1 - It was discovered that Berkeley DB incorrectly handled certain configuration files. An attacker could possibly use this issue to read sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2017-10140
MD5 | 35984ce6dc03eb352f87f7471664c162
Ubuntu Security Notice USN-3485-3
Posted Nov 22, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3485-3 - It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Eric Biggers discovered that the key management subsystem in the Linux kernel did not properly restrict adding a key that already exists but is uninstantiated. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-15265, CVE-2017-15299, CVE-2017-15649, CVE-2017-15951, CVE-2017-16525, CVE-2017-16526, CVE-2017-16527, CVE-2017-16529, CVE-2017-16530, CVE-2017-16531, CVE-2017-16533, CVE-2017-16534, CVE-2017-16535
MD5 | b42a8de1b5ec762ade00ecbe31f381cf
Ubuntu Security Notice USN-3488-1
Posted Nov 22, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3488-1 - It was discovered that the KVM subsystem in the Linux kernel did not properly keep track of nested levels in guest page tables. A local attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code in the host OS.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-12188
MD5 | d34cb4725ea351f0b767b2b909e12fa3
Ubuntu Security Notice USN-3487-1
Posted Nov 22, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3487-1 - It was discovered that the KVM subsystem in the Linux kernel did not properly keep track of nested levels in guest page tables. A local attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code in the host OS. It was discovered that on the PowerPC architecture, the kernel did not properly sanitize the signal stack when handling sigreturn. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000255, CVE-2017-12153, CVE-2017-12154, CVE-2017-12188, CVE-2017-12190, CVE-2017-12192, CVE-2017-14156, CVE-2017-14489, CVE-2017-14954, CVE-2017-15265, CVE-2017-15537, CVE-2017-15649, CVE-2017-16525, CVE-2017-16526, CVE-2017-16527, CVE-2017-16529, CVE-2017-16530, CVE-2017-16531, CVE-2017-16533, CVE-2017-16534
MD5 | 7ad11b332e12a1efd657b9f496e49a87
Page 3 of 158
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    15 Files
  • 17
    Jan 17th
    16 Files
  • 18
    Jan 18th
    24 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    5 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close