Exploit the possiblities
Showing 76 - 100 of 3,938 RSS Feed

Files from Ubuntu

Email addresssecurity at ubuntu.com
First Active2004-10-28
Last Active2018-01-18
Ubuntu Security Notice USN-3484-3
Posted Nov 22, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3484-3 - It was discovered that the KVM subsystem in the Linux kernel did not properly keep track of nested levels in guest page tables. A local attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code in the host OS.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-12188
MD5 | 66bacd47a663c0d54ece524add84d230
Ubuntu Security Notice USN-3486-2
Posted Nov 21, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3486-2 - USN-3486-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM. Volker Lendecke discovered that Samba incorrectly cleared memory when returning data to a client. A remote attacker could possibly use this issue to obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2017-15275
MD5 | a0f5315cd609a4736f577b649ec1843d
Ubuntu Security Notice USN-3486-1
Posted Nov 21, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3486-1 - Yihan Lian and Zhibin Hu discovered that Samba incorrectly handled memory when processing certain SMB1 requests. A remote attacker could possibly use this issue to execute arbitrary code. Volker Lendecke discovered that Samba incorrectly cleared memory when returning data to a client. A remote attacker could possibly use this issue to obtain sensitive information.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-14746, CVE-2017-15275
MD5 | 8fa08470f846483b1b653d87a9ae18e1
Ubuntu Security Notice USN-3483-2
Posted Nov 21, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3483-2 - USN-3483-1 fixed a vulnerability in procmail. This update provides the corresponding update for Ubuntu 12.04 ESM. Jakub Wilk discovered that the formail tool incorrectly handled certain malformed mail messages. An attacker could use this flaw to cause formail to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-16844
MD5 | 836e0dd8e3cbe0a7357e84930c695d35
Ubuntu Security Notice USN-3485-2
Posted Nov 20, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3485-2 - USN-3485-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-15265, CVE-2017-15299, CVE-2017-15649, CVE-2017-15951, CVE-2017-16525, CVE-2017-16526, CVE-2017-16527, CVE-2017-16529, CVE-2017-16530, CVE-2017-16531, CVE-2017-16533, CVE-2017-16534, CVE-2017-16535
MD5 | 5d93020024e24d68a43b1db5e4571ef0
Ubuntu Security Notice USN-3485-1
Posted Nov 20, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3485-1 - It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Eric Biggers discovered that the key management subsystem in the Linux kernel did not properly restrict adding a key that already exists but is uninstantiated. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-15265, CVE-2017-15299, CVE-2017-15649, CVE-2017-15951, CVE-2017-16525, CVE-2017-16526, CVE-2017-16527, CVE-2017-16529, CVE-2017-16530, CVE-2017-16531, CVE-2017-16533, CVE-2017-16534, CVE-2017-16535
MD5 | 04e7255785511894b9481aaf658d47a8
Ubuntu Security Notice USN-3484-2
Posted Nov 20, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3484-2 - USN-3484-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. It was discovered that the KVM subsystem in the Linux kernel did not properly keep track of nested levels in guest page tables. A local attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code in the host OS. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-12188
MD5 | 19e4db7ada05df9747621fb71935501e
Ubuntu Security Notice USN-3484-1
Posted Nov 20, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3484-1 - It was discovered that the KVM subsystem in the Linux kernel did not properly keep track of nested levels in guest page tables. A local attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code in the host OS.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-12188
MD5 | 4e3b827121d1541ad1c6d68c8831039e
Ubuntu Security Notice USN-3480-2
Posted Nov 20, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3480-2 - USN-3480-1 fixed vulnerabilities in Apport. The fix for CVE-2017-14177 introduced a regression in the ability to handle crashes for users that configured their systems to use the Upstart init system in Ubuntu 16.04 LTS and Ubuntu 17.04. The fix for CVE-2017-14180 temporarily disabled crash forwarding to containers. This update addresses the problems. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-14177, CVE-2017-14180
MD5 | 187d13705d588506b1f9efb92a04f86a
Ubuntu Security Notice USN-3483-1
Posted Nov 20, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3483-1 - Jakub Wilk discovered that the formail tool incorrectly handled certain malformed mail messages. An attacker could use this flaw to cause formail to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-16844
MD5 | 6b1a28393ccb7967f9b1e090c2b4aff9
Ubuntu Security Notice USN-3482-1
Posted Nov 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3482-1 - It was discovered that racoon, the ipsec-tools IKE daemon, incorrectly handled certain ISAKMP fragments. A remote attacker could use this issue to cause racoon to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2016-10396
MD5 | c03a17de47f9086226a6a0912badf93f
Ubuntu Security Notice USN-3477-1
Posted Nov 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3477-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, bypass same-origin restrictions, bypass CSP protections, bypass mixed content blocking, spoof the addressbar, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2017-7826, CVE-2017-7827, CVE-2017-7828, CVE-2017-7830, CVE-2017-7831, CVE-2017-7832, CVE-2017-7833, CVE-2017-7834, CVE-2017-7835, CVE-2017-7837, CVE-2017-7838, CVE-2017-7839, CVE-2017-7840, CVE-2017-7842
MD5 | 5ed2b9f8c90425388420326b5e31775d
Ubuntu Security Notice USN-3481-1
Posted Nov 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3481-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2017-13783, CVE-2017-13784, CVE-2017-13785, CVE-2017-13788, CVE-2017-13791, CVE-2017-13792, CVE-2017-13793, CVE-2017-13794, CVE-2017-13795, CVE-2017-13796, CVE-2017-13798, CVE-2017-13802, CVE-2017-13803
MD5 | 68e7c4cff272deb50d9fba595e29a0d0
Ubuntu Security Notice USN-3480-1
Posted Nov 16, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3480-1 - Sander Bos discovered that Apport incorrectly handled core dumps for setuid binaries. A local attacker could use this issue to perform a denial of service via resource exhaustion or possibly gain root privileges. Sander Bos discovered that Apport incorrectly handled core dumps for processes in a different PID namespace. A local attacker could use this issue to perform a denial of service via resource exhaustion or possibly gain root privileges. Various other issues were also addressed.

tags | advisory, denial of service, local, root
systems | linux, ubuntu
advisories | CVE-2017-14177, CVE-2017-14180
MD5 | ec83aff8d4c1ba0449ff6a2c615026b1
Ubuntu Security Notice USN-3276-3
Posted Nov 14, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3276-3 - USN-3276-1 and USN-3276-2 fixed vulnerabilities in shadow. This update provides the corresponding update for Ubuntu 12.04 ESM. Sebastian Krahmer discovered integer overflows in shadow utilities. A local attacker could possibly cause them to crash or potentially gain privileges via crafted input. Various other issues were also addressed.

tags | advisory, overflow, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-6252, CVE-2017-2616
MD5 | b3c44d45c3cf3b56ca446d0bc127ca24
Ubuntu Security Notice USN-3479-1
Posted Nov 14, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3479-1 - David Rowley discovered that PostgreSQL incorrectly handled memory when processing certain JSON functions. A remote attacker could possibly use this issue to obtain sensitive information. Dean Rasheed discovered that PostgreSQL incorrectly enforced SELECT privileges when processing INSERT ... ON CONFLICT DO UPDATE commands. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 17.04 and Ubuntu 17.10. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2017-15098, CVE-2017-15099
MD5 | e03a34ee46e7e84843da08c0a1c3bbf8
Ubuntu Security Notice USN-3478-2
Posted Nov 14, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3478-2 - USN-3478-1 fixed two vulnerabilities in Perl. This update provides the corresponding update for Ubuntu 12.04 ESM. Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, perl, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-12883
MD5 | 6fc7e5e039d31a5a2672a0fdaf7f7380
Ubuntu Security Notice USN-3478-1
Posted Nov 14, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3478-1 - Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, perl
systems | linux, ubuntu
advisories | CVE-2017-12837, CVE-2017-12883
MD5 | 972077314df82317d1a943797ea753ea
Ubuntu Security Notice USN-3476-1
Posted Nov 9, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3476-1 - Dawid Golunski discovered that the postgresql-common pg_ctlcluster script incorrectly handled symlinks. A local attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. It was discovered that the postgresql-common helper scripts incorrectly handled symlinks. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2016-1255, CVE-2017-8806
MD5 | 906742bdd89c098fbed5b590889aaee1
Ubuntu Security Notice USN-3473-1
Posted Nov 8, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3473-1 - It was discovered that the Smart Card IO subsystem in OpenJDK did not properly maintain state. An attacker could use this to specially construct an untrusted Java application or applet to gain access to a smart card, bypassing sandbox restrictions. Gaston Traberg discovered that the Serialization component of OpenJDK did not properly limit the amount of memory allocated when performing deserializations. An attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, java, denial of service
systems | linux, ubuntu
advisories | CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10295, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388
MD5 | 053a30167047fcd635b278bcc09863cb
Ubuntu Security Notice USN-3346-3
Posted Nov 8, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3346-3 - USN-3346-1 and USN-3346-2 fixed two vulnerabilities in Bind and a regression, respectively. This update provides the corresponding update for Ubuntu 12.04 ESM. Clément Berthaux discovered that Bind did not correctly check TSIG A authentication for zone update requests. An attacker could use this A to improperly perform zone updates. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-3142, CVE-2017-3143
MD5 | 8c283ecd7b6c2e7e25bd7b8dbbf59cd7
Ubuntu Security Notice USN-3475-1
Posted Nov 6, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3475-1 - It was discovered that OpenSSL incorrectly parsed the IPAddressFamily extension in X.509 certificates, resulting in an erroneous display of the certificate in text format. It was discovered that OpenSSL incorrectly performed the x86_64 Montgomery squaring procedure. While unlikely, a remote attacker could possibly use this issue to recover private keys. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 16.10 and Ubuntu 17.04. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2017-3735, CVE-2017-3736
MD5 | 0c64cb5d962437f833874411911c027a
Ubuntu Security Notice USN-3474-1
Posted Nov 6, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3474-1 - Raphael Sanchez Prudencio discovered that Liblouis incorrectly handled certain files. If a user were tricked into opening a crafted file, an attacker could possibly use this to cause a denial of service or potentially execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-8184
MD5 | cd8e221cd75b7f22ca68e5e705eecbde
Ubuntu Security Notice USN-3426-2
Posted Nov 2, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3426-2 - USN-3426-1 fixed several vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-12150, CVE-2017-12163
MD5 | 5c7bcdab3f68750d189559f33594d69d
Ubuntu Security Notice USN-3472-1
Posted Nov 2, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3472-1 - Marcin Noga discovered that LibreOffice incorrectly handled PPT documents. If a user were tricked into opening a specially crafted PPT document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code. Marcin Noga discovered that LibreOffice incorrectly handled Word documents. If a user were tricked into opening a specially crafted Word document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-12607, CVE-2017-12608
MD5 | 5a0440609e12bff636306cd00272bb83
Page 4 of 158
Back23456Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    15 Files
  • 17
    Jan 17th
    16 Files
  • 18
    Jan 18th
    8 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close