what you don't know can hurt you
Showing 1 - 25 of 6,441 RSS Feed

Operating System: Ubuntu

Ubuntu Security Notice USN-4198-1
Posted Nov 21, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4198-1 - It was discovered that DjVuLibre incorrectly handled certain memory operations. If a user or automated system were tricked into processing a specially crafted DjVu file, a remote attacker could cause applications to hang or crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-15142, CVE-2019-18804
MD5 | 0266b63db318f60e95d11214c496da34
Ubuntu Security Notice USN-4197-1
Posted Nov 21, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4197-1 - It was discovered that Bind incorrectly handled certain TCP-pipelined queries. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service.

tags | advisory, remote, denial of service, tcp
systems | linux, ubuntu
advisories | CVE-2019-6477
MD5 | 11bfa35275bd6ea3bcaa1d7e51576b3c
Ubuntu Security Notice USN-4195-2
Posted Nov 20, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4195-2 - USN-4195-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2019-2974 in MariaDB 10.1 and CVE-2019-2938, CVE-2019-2974 for MariaDB 10.3. Ubuntu 18.04 LTS has been updated to MariaDB 10.1.43. Ubuntu 19.04 and 19.10 has been updated to MariaDB 10.3.20. In addition to security fixes, the updated package contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-2938, CVE-2019-2974
MD5 | 3d77ade0d4cac0b3f205399a37496905
Ubuntu Security Notice USN-4196-1
Posted Nov 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4196-1 - It was discovered that python-ecdsa incorrectly handled certain signatures. A remote attacker could possibly use this issue to cause python-ecdsa to generate unexpected exceptions, resulting in a denial of service. It was discovered that python-ecdsa incorrectly verified DER encoding in signatures. A remote attacker could use this issue to perform certain malleability attacks. Various other issues were also addressed.

tags | advisory, remote, denial of service, python
systems | linux, ubuntu
advisories | CVE-2019-14853, CVE-2019-14859
MD5 | 35e3a03b9cd2e11397dc1e4198d7fb7b
Ubuntu Security Notice USN-4195-1
Posted Nov 18, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4195-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.18 in Ubuntu 19.10. Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.04 have been updated to MySQL 5.7.28. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-2910, CVE-2019-2922, CVE-2019-2946, CVE-2019-2960, CVE-2019-2968, CVE-2019-2991, CVE-2019-3003, CVE-2019-3018
MD5 | 3186ce4dc67212c7beaf20fd11739ccf
Ubuntu Security Notice USN-4194-1
Posted Nov 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4194-1 - Rich Mirch discovered that the postgresql-common pg_ctlcluster script incorrectly handled directory creation. A local attacker could possibly use this issue to escalate privileges.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-3466
MD5 | 3d5d5b5594832e582b24922191aae2ed
Ubuntu Security Notice USN-4193-1
Posted Nov 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4193-1 - Paul Manfred and Lukas Schauer discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-14869
MD5 | 4d26777cb9ff426bb18a110b0c3ac708
FusionPBX Operator Panel exec.php Command Execution
Posted Nov 14, 2019
Authored by Brendan Coles, Dustin Cobb | Site metasploit.com

This Metasploit module exploits an authenticated command injection vulnerability in FusionPBX versions 4.4.3 and prior. The exec.php file within the Operator Panel permits users with operator_panel_view permissions, or administrator permissions, to execute arbitrary commands as the web server user by sending a system command to the FreeSWITCH event socket interface. This module has been tested successfully on FusionPBX version 4.4.1 on Ubuntu 19.04 (x64).

tags | exploit, web, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2019-11409
MD5 | 8371c066836fe4c5336f32a7b5aa18d5
FusionPBX Command exec.php Command Execution
Posted Nov 14, 2019
Authored by Brendan Coles | Site metasploit.com

This Metasploit module uses administrative functionality available in FusionPBX to gain a shell. The Command section of the application permits users with exec_view permissions, or superadmin permissions, to execute arbitrary system commands, or arbitrary PHP code, as the web server user. This module has been tested successfully on FusionPBX version 4.4.1 on Ubuntu 19.04 (x64).

tags | exploit, web, arbitrary, shell, php
systems | linux, ubuntu
MD5 | f85a37b65def4dd691f01bcc8dc57001
FreeSWITCH Event Socket Command Execution
Posted Nov 14, 2019
Authored by Brendan Coles | Site metasploit.com

This Metasploit module uses the FreeSWITCH event socket interface to execute system commands using the system API command. The event socket service is enabled by default and listens on TCP port 8021 on the local network interface. This module has been tested successfully on FreeSWITCH versions: 1.6.10-17-726448d~44bit on FreeSWITCH-Deb8-TechPreview virtual machine; 1.8.4~64bit on Ubuntu 19.04 (x64); and 1.10.1~64bit on Windows 7 SP1 (EN) (x64).

tags | exploit, local, tcp
systems | linux, windows, ubuntu, 7
MD5 | fabd4afa284981bdc1c471d62f81d23a
Ubuntu shiftfs refcount Underflow / Type Confusion
Posted Nov 14, 2019
Authored by Jann Horn, Google Security Research

Ubuntu suffers from refcount underflow and type confusion vulnerabilities in shiftfs.

tags | exploit, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-15793
MD5 | 0997e77626bf20fe372537310c94c69f
Ubuntu Security Notice USN-4192-1
Posted Nov 14, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4192-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-12974, CVE-2019-12978, CVE-2019-13295, CVE-2019-13304, CVE-2019-13308, CVE-2019-13391, CVE-2019-15140, CVE-2019-16711
MD5 | ecdb1a346e29876aa64e3ec34325e2a1
Ubuntu Security Notice USN-4191-1
Posted Nov 14, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4191-1 - It was discovered that the LSI SCSI adapter emulator implementation in QEMU did not properly validate executed scripts. A local attacker could use this to cause a denial of service. Sergej Schumilo, Cornelius Aschermann and Simon Woerner discovered that the qxl paravirtual graphics driver implementation in QEMU contained a null pointer dereference. A local attacker in a guest could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2019-12068, CVE-2019-12155, CVE-2019-13164, CVE-2019-14378, CVE-2019-15890
MD5 | 8e7f58665c8a2c50a4d016d2bdb10d3a
Ubuntu Security Notice USN-4191-2
Posted Nov 14, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4191-2 - USN-4191-2 fixed a vulnerability in QEMU. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that the LSI SCSI adapter emulator implementation in QEMU did not properly validate executed scripts. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2019-12068, CVE-2019-12155, CVE-2019-13164, CVE-2019-14378, CVE-2019-15890
MD5 | 08f7e0e6b2e4c5fc716d75fd51174222
Ubuntu Security Notice USN-4186-3
Posted Nov 14, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4186-3 - USN-4186-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 was incomplete on 64-bit Intel x86 systems. This update addresses the issue. Various other issues were also addressed.

tags | advisory, x86, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135, CVE-2019-15098, CVE-2019-16746, CVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, CVE-2019-17056, CVE-2019-17666, CVE-2019-2215
MD5 | 35657c491a35b8937950f7a7a72bcfec
Ubuntu Security Notice USN-4185-3
Posted Nov 14, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4185-3 - USN-4185-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables are disabled or not supported. This update addresses both issues. Various other issues were also addressed.

tags | advisory, x86, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135, CVE-2019-15098, CVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, CVE-2019-17056, CVE-2019-17666
MD5 | 48c055fdc23ec8eaea074849871aa586
Ubuntu Security Notice USN-4183-2
Posted Nov 14, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4183-2 - USN-4183-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 was incomplete on 64-bit Intel x86 systems. This update addresses the issue. Various other issues were also addressed.

tags | advisory, x86, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135, CVE-2019-15791, CVE-2019-15792, CVE-2019-15793, CVE-2019-16746, CVE-2019-17666
MD5 | 63968a584ee33d219857ed9bdd445938
Ubuntu Security Notice USN-4184-2
Posted Nov 14, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4184-2 - USN-4184-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables are disabled or not supported. This update addresses both issues. Various other issues were also addressed.

tags | advisory, x86, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135, CVE-2019-15098, CVE-2019-15791, CVE-2019-15792, CVE-2019-15793, CVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, CVE-2019-17056, CVE-2019-17666
MD5 | 729df00f6313e1ee60a63c8d339f79f4
Ubuntu Security Notice USN-4190-1
Posted Nov 14, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4190-1 - It was discovered that libjpeg-turbo incorrectly handled certain BMP images. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that libjpeg-turbo incorrectly handled certain JPEG images. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 19.04. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2018-14498, CVE-2018-19664, CVE-2018-20330, CVE-2019-2201
MD5 | a20a9a6262901f9026a8e9c9415d7387
Kernel Live Patch Security Notice LSN-0059-1
Posted Nov 13, 2019
Authored by Benjamin M. Romer

On November 12, fixes for several high-severity Intel processor CVEs were released into the Ubuntu kernel, accompanied by a related processor microcode update. Due to the high complexity of the fixes and the required microcode update, we are unable to livepatch this set of CVEs. Please plan to reboot into an updated kernel as soon as possible. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135
MD5 | 06b34393d5a55669f944e67227b98bc7
Ubuntu Security Notice USN-4189-1
Posted Nov 13, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4189-1 - Jason Wang discovered that DPDK incorrectly handled certain messages. An attacker in a malicious container could possibly use this issue to cause DPDK to leak resources, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-14818
MD5 | f9d20909e8082ab6a82d6c1098dc34d2
Ubuntu Security Notice USN-4186-2
Posted Nov 13, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4186-2 - USN-4186-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Stephan van Schaik, Alyssa Milburn, Sebastian

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135, CVE-2019-15098, CVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, CVE-2019-17056, CVE-2019-17666
MD5 | 95f2f9fd67ee4c52927a030defa19abc
Ubuntu Security Notice USN-4186-1
Posted Nov 13, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4186-1 - Stephan van Schaik, Alyssa Milburn, Sebastian

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135, CVE-2019-15098, CVE-2019-16746, CVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, CVE-2019-17056, CVE-2019-17666, CVE-2019-2215
MD5 | e8301e767a422d58976a8373acd8121f
Ubuntu Security Notice USN-4188-1
Posted Nov 13, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4188-1 - Stephan van Schaik, Alyssa Milburn, Sebastian

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-11135
MD5 | 2235f16315e8ee91fffb0737da07a981
Ubuntu Security Notice USN-4185-2
Posted Nov 13, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4185-2 - Stephan van Schaik, Alyssa Milburn, Sebastian

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-11135, CVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, CVE-2019-17056
MD5 | c6dee0de758a43fe0855e49c83bd0622
Page 1 of 258
Back12345Next

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    22 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    1 Files
  • 17
    Nov 17th
    3 Files
  • 18
    Nov 18th
    22 Files
  • 19
    Nov 19th
    17 Files
  • 20
    Nov 20th
    15 Files
  • 21
    Nov 21st
    13 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close