exploit the possibilities
Showing 1 - 25 of 6,890 RSS Feed

Operating System: Ubuntu

Ubuntu Security Notice USN-4559-1
Posted Sep 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4559-1 - Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. A remote attacker could use this issue to forge an authentication token and steal the credentials of the domain admin. While a previous security update fixed the issue by changing the "server schannel" setting to default to "yes", instead of "auto", which forced a secure netlogon channel, this update provides additional improvements. Various other issues were also addressed.

tags | advisory, remote, protocol
systems | linux, ubuntu
advisories | CVE-2020-1472
MD5 | f57c43c56dc64d4f2d620467cfd5a8fc
Ubuntu Security Notice USN-4557-1
Posted Sep 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4557-1 - It was discovered that the Tomcat realm implementations incorrectly handled passwords when a username didn't exist. A remote attacker could possibly use this issue to enumerate usernames. Alvaro Munoz and Alexander Mirosh discovered that Tomcat incorrectly limited use of a certain utility method. A malicious application could possibly use this to bypass Security Manager restrictions. It was discovered that Tomcat incorrectly controlled reading system properties. A malicious application could possibly use this to bypass Security Manager restrictions. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2016-0762, CVE-2016-5018, CVE-2016-6794, CVE-2016-6796, CVE-2016-6797, CVE-2016-6816, CVE-2016-8735
MD5 | a8c32c42978a0fc017c17a327e2e5b01
Ubuntu Security Notice USN-4558-1
Posted Sep 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4558-1 - It was discovered that libapreq2 did not properly sanitize the Content-Type field in certain, crafted HTTP requests. An attacker could use this vulnerability to cause libapreq2 to crash.

tags | advisory, web
systems | linux, ubuntu
advisories | CVE-2019-12412
MD5 | 9c892d7f5d379e3152a26205604b5b0d
Ubuntu Security Notice USN-4556-1
Posted Sep 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4556-1 - It was discovered that netqmail did not properly handle certain input. Both remote and local attackers could use this vulnerability to cause netqmail to crash or execute arbitrary code. It was discovered that netqmail did not properly handle certain input when validating email addresses. An attacker could use this to bypass email address validation. Various other issues were also addressed.

tags | advisory, remote, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2005-1513, CVE-2005-1515, CVE-2020-3811, CVE-2020-3812
MD5 | acc8c2f4c28a224574408a5870713fdf
Ubuntu Security Notice USN-4547-2
Posted Sep 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4547-2 - It was discovered that the LibVNCClient vendored in SSVNC incorrectly handled certain packet lengths. A remote attacker could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-20020
MD5 | 10e3d0622f2e336e51652caf06b7cf9d
Ubuntu Security Notice USN-4554-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4554-1 - It was discovered that libPGF lacked proper validation when opening a specially crafted PGF file. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2015-6673
MD5 | bfc4216986a760d149d77f8c6b30546b
Ubuntu Security Notice USN-4553-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4553-1 - It was discovered that Teeworlds server did not properly handler certain network traffic. A remote, unauthenticated attacker could use this vulnerability to cause Teeworlds server to crash.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-12066
MD5 | 67e2f0aab1a5f038566b1636c11f252b
Ubuntu Security Notice USN-4552-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4552-1 - Malte Kraus discovered that Pam-python mishandled certain environment variables. A local attacker could potentially use this vulnerability to execute programs as root.

tags | advisory, local, root, python
systems | linux, ubuntu
advisories | CVE-2019-16729
MD5 | 9b50a0e88882a3a241628e82fb4462d0
Ubuntu Security Notice USN-4550-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4550-1 - Ryan Hall discovered that DPDK incorrectly handled vhost crypto. An attacker inside a guest could use these issues to perform multiple attacks, including denial of service attacks, obtaining sensitive information from the host, and possibly executing arbitrary code on the host.

tags | advisory, denial of service, arbitrary, crypto
systems | linux, ubuntu
advisories | CVE-2020-14374, CVE-2020-14378
MD5 | 078d6a4237c00a31ffbd2417dbef8c6b
Ubuntu Security Notice USN-4551-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4551-1 - Alex Rousskov and Amit Klein discovered that Squid incorrectly handled certain Content-Length headers. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. Amit Klein discovered that Squid incorrectly validated certain data. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. Various other issues were also addressed.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2020-15049, CVE-2020-15810, CVE-2020-15811, CVE-2020-24606
MD5 | 3eafffe142c5a1479c54fa5c9e297c33
Ubuntu Security Notice USN-4547-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4547-1 - It was discovered that an information disclosure vulnerability existed in the LibVNCServer vendored in iTALC when sending a ServerCutText message. An attacker could possibly use this issue to expose sensitive information. It was discovered that the LibVNCServer and LibVNCClient vendored in iTALC incorrectly handled certain packet lengths. A remote attacker could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, info disclosure
systems | linux, ubuntu
advisories | CVE-2018-15127, CVE-2018-20022, CVE-2018-20023, CVE-2018-20024, CVE-2018-20749, CVE-2018-7225, CVE-2019-15681
MD5 | 9922e4b06254766557616cfff60d0f5a
Ubuntu Security Notice USN-4548-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4548-1 - It was discovered that libuv incorrectly handled certain paths. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-8252
MD5 | 832078b9dd177bb1e72d7406a5622c23
Ubuntu Security Notice USN-4549-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4549-1 - It was discovered that ImageMagick incorrectly handled certain specially crafted image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or other unspecified impact.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-19948
MD5 | 2b0f47f2e4fb8160b47c063317689024
Ubuntu Security Notice USN-3968-3
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3968-3 - USN-3968-1 fixed several vulnerabilities in Sudo. This update provides the corresponding update for Ubuntu 14.04 ESM. Florian Weimer discovered that Sudo incorrectly handled the noexec restriction when used with certain applications. A local attacker could possibly use this issue to bypass configured restrictions and execute arbitrary commands. Various other issues were also addressed.

tags | advisory, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-7032
MD5 | 6044cf85ada96b50d32b99b140fb790d
Ubuntu Security Notice USN-4546-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4546-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting attacks, spoof the site displayed in the download dialog, or execute arbitrary code.

tags | advisory, denial of service, arbitrary, spoof, xss
systems | linux, ubuntu
advisories | CVE-2020-15673, CVE-2020-15677
MD5 | f02d01635a1ac2eedfe980130e35d00a
Ubuntu Security Notice USN-4545-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4545-1 - It was discovered that libquicktime incorrectly handled certain malformed MP4 files. If a user were tricked into opening a specially crafted MP4 file, a remote attacker could use this issue to cause a denial of service. It was discovered that libquicktime incorrectly handled certain malformed MP4 files. If a user were tricked into opening a specially crafted MP4 file, a remote attacker could use this issue to cause libquicktime to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-9122, CVE-2017-9125, CVE-2017-9126, CVE-2017-9127
MD5 | 82a9122d668579c365d56e1def5f7ce8
Ubuntu Security Notice USN-4541-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4541-1 - Tim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars discovered that Gnuplot did not properly validate string sizes in the df_generate_ascii_array_entry function. An attacker could possibly use this issue to cause a heap buffer overflow, resulting in a denial of service attack or arbitrary code execution. Tim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars discovered that Gnuplot did not properly validate string sizes in the PS_options function when the Gnuplot postscript terminal is used as a backend. An attacker could possibly use this issue to cause a buffer overflow, resulting in a denial of service attack or arbitrary code execution. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, code execution
systems | linux, ubuntu
advisories | CVE-2018-19490, CVE-2018-19491, CVE-2018-19492
MD5 | a2d584e45b3bcb0222cfcf7ec75368ab
Ubuntu Security Notice USN-4543-1
Posted Sep 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4543-1 - Michał Bentkowski discovered that Sanitize did not properly sanitize some math or svg HTML under certain circumstances. A remote attacker could potentially exploit this to conduct cross-site scripting attacks.

tags | advisory, remote, xss
systems | linux, ubuntu
advisories | CVE-2020-4054
MD5 | f7276c40d308ac3763e9648293aba821
Ubuntu Security Notice USN-4542-1
Posted Sep 26, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4542-1 - It was discovered that MiniUPnPd did not properly validate callback addresses. A remote attacker could possibly use this issue to expose sensitive information. It was discovered that MiniUPnPd incorrectly handled unpopulated user XML input. An attacker could possibly use this issue to cause MiniUPnPd to crash, resulting in a denial of service. It was discovered that MiniUPnPd incorrectly handled an empty description when port mapping. An attacker could possibly use this issue to cause MiniUPnPd to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2019-12107, CVE-2019-12110, CVE-2019-12111
MD5 | 74d311d5f6eb54781286c7b5650a1990
Ubuntu Security Notice USN-4540-1
Posted Sep 25, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4540-1 - Denis Andzakovic discovered that atftpd incorrectly handled certain malformed packets. A remote attacker could send a specially crafted packet to cause atftpd to crash, resulting in a denial of service. Denis Andzakovic discovered that atftpd did not properly lock the thread list mutex. An attacker could send a large number of tftpd packets simultaneously when running atftpd in daemon mode to cause atftpd to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2019-11365, CVE-2019-11366
MD5 | 85a92f5a6833b52838d668bab5904769
Ubuntu Security Notice USN-4539-1
Posted Sep 24, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4539-1 - Andrew Bartlett discovered that DAViCal Andrew's Web Libraries did not properly manage session keys. An attacker could possibly use this issue to impersonate a session.

tags | advisory, web
systems | linux, ubuntu
advisories | CVE-2020-11728
MD5 | 44eaff60e3935fcf8a263b260377821b
Ubuntu Security Notice USN-4536-1
Posted Sep 24, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4536-1 - Youssouf Boulouiz discovered that SPIP incorrectly handled login error messages. A remote attacker could potentially exploit this to conduct cross-site scripting attacks. Gilles Vincent discovered that SPIP incorrectly handled password reset requests. A remote attacker could possibly use this issue to cause SPIP to enumerate registered users. Guillaume Fahrner discovered that SPIP did not properly sanitize input. A remote authenticated attacker could possibly use this issue to execute arbitrary code on the host server. Various other issues were also addressed.

tags | advisory, remote, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2017-15736, CVE-2019-11071, CVE-2019-16391, CVE-2019-16392, CVE-2019-16393, CVE-2019-16394, CVE-2019-19830
MD5 | 26358c71d5c54c232b20eb20dc1c6bc3
Ubuntu Security Notice USN-4538-1
Posted Sep 24, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4538-1 - Vaisha Bernard discovered that PackageKit incorrectly handled certain methods. A local attacker could use this issue to learn the MIME type of any file on the system. Sami Niemimäki discovered that PackageKit incorrectly handled local deb packages. A local user could possibly use this issue to install untrusted packages, contrary to expectations.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2020-16121, CVE-2020-16122
MD5 | 9ab387948f7d20a426a21b86db0d000e
Ubuntu Security Notice USN-4537-1
Posted Sep 24, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4537-1 - Vaisha Bernard discovered that Aptdaemon incorrectly handled the Locale property. A local attacker could use this issue to test for the presence of local files.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2020-15703
MD5 | 79d913f2fe0fa46f1fd8a7e378f21f45
Ubuntu Security Notice USN-4535-1
Posted Sep 24, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4535-1 - Gabriel Corona discovered that RDFLib did not properly load modules on the command-line. An attacker could possibly use this issue to cause RDFLib to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-7653
MD5 | d7118c8df0a69ff1a86eb57717176ba9
Page 1 of 276
Back12345Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    21 Files
  • 23
    Sep 23rd
    8 Files
  • 24
    Sep 24th
    15 Files
  • 25
    Sep 25th
    4 Files
  • 26
    Sep 26th
    1 Files
  • 27
    Sep 27th
    1 Files
  • 28
    Sep 28th
    20 Files
  • 29
    Sep 29th
    15 Files
  • 30
    Sep 30th
    89 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close