exploit the possibilities
Showing 26 - 50 of 6,920 RSS Feed

Operating System: Ubuntu

Ubuntu Security Notice USN-4569-1
Posted Oct 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4569-1 - It was discovered that Yaws did not properly sanitize XML input. A remote attacker could use this vulnerability to execute an XML External Entity injection attack. It was discovered that Yaws mishandled certain input when running CGI scripts. A remote attacker could use this vulnerability to execute arbitrary commands.

tags | advisory, remote, arbitrary, cgi
systems | linux, ubuntu
advisories | CVE-2020-24379, CVE-2020-24916
MD5 | b57e1fe6c87cc3eebc0b2bd7a99b1ee1
Ubuntu Security Notice USN-4563-1
Posted Oct 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4563-1 - It was discovered that the fix for CVE-2018-7182 introduced a NULL pointer dereference into NTP. An attacker could use this vulnerability to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-8936
MD5 | b9934375d7ec3f0ca1b14ac7a67351c1
Ubuntu Security Notice USN-4562-1
Posted Oct 1, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4562-1 - It was discovered that kramdown insecurely handled certain crafted input. An attacker could use this vulnerability to read restricted files or execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-14001
MD5 | ebf1cdf60c7f8611d34ce58ab46f6a1c
Ubuntu Security Notice USN-4561-1
Posted Oct 1, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4561-1 - It was discovered that Rack incorrectly handled certain paths. An attacker could possibly use this issue to obtain sensitive information. It was discovered that Rack incorrectly validated cookies. An attacker could possibly use this issue to forge a secure cookie.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-8161, CVE-2020-8184
MD5 | 1647278df1e467bf98dbfb76e8bf528f
Ubuntu Security Notice USN-4560-1
Posted Sep 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4560-1 - It was discovered that Gon gem did not properly escape certain input. An attacker could use this vulnerability to execute a cross-site scripting attack.

tags | advisory, xss
systems | linux, ubuntu
advisories | CVE-2020-25739
MD5 | 4d11001b45a8a1e03d7bfd7ed8e32e6e
Ubuntu Security Notice USN-4559-1
Posted Sep 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4559-1 - Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. A remote attacker could use this issue to forge an authentication token and steal the credentials of the domain admin. While a previous security update fixed the issue by changing the "server schannel" setting to default to "yes", instead of "auto", which forced a secure netlogon channel, this update provides additional improvements. Various other issues were also addressed.

tags | advisory, remote, protocol
systems | linux, ubuntu
advisories | CVE-2020-1472
MD5 | f57c43c56dc64d4f2d620467cfd5a8fc
Ubuntu Security Notice USN-4557-1
Posted Sep 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4557-1 - It was discovered that the Tomcat realm implementations incorrectly handled passwords when a username didn't exist. A remote attacker could possibly use this issue to enumerate usernames. Alvaro Munoz and Alexander Mirosh discovered that Tomcat incorrectly limited use of a certain utility method. A malicious application could possibly use this to bypass Security Manager restrictions. It was discovered that Tomcat incorrectly controlled reading system properties. A malicious application could possibly use this to bypass Security Manager restrictions. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2016-0762, CVE-2016-5018, CVE-2016-6794, CVE-2016-6796, CVE-2016-6797, CVE-2016-6816, CVE-2016-8735
MD5 | a8c32c42978a0fc017c17a327e2e5b01
Ubuntu Security Notice USN-4558-1
Posted Sep 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4558-1 - It was discovered that libapreq2 did not properly sanitize the Content-Type field in certain, crafted HTTP requests. An attacker could use this vulnerability to cause libapreq2 to crash.

tags | advisory, web
systems | linux, ubuntu
advisories | CVE-2019-12412
MD5 | 9c892d7f5d379e3152a26205604b5b0d
Ubuntu Security Notice USN-4556-1
Posted Sep 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4556-1 - It was discovered that netqmail did not properly handle certain input. Both remote and local attackers could use this vulnerability to cause netqmail to crash or execute arbitrary code. It was discovered that netqmail did not properly handle certain input when validating email addresses. An attacker could use this to bypass email address validation. Various other issues were also addressed.

tags | advisory, remote, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2005-1513, CVE-2005-1515, CVE-2020-3811, CVE-2020-3812
MD5 | acc8c2f4c28a224574408a5870713fdf
Ubuntu Security Notice USN-4547-2
Posted Sep 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4547-2 - It was discovered that the LibVNCClient vendored in SSVNC incorrectly handled certain packet lengths. A remote attacker could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-20020
MD5 | 10e3d0622f2e336e51652caf06b7cf9d
Ubuntu Security Notice USN-4554-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4554-1 - It was discovered that libPGF lacked proper validation when opening a specially crafted PGF file. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2015-6673
MD5 | bfc4216986a760d149d77f8c6b30546b
Ubuntu Security Notice USN-4553-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4553-1 - It was discovered that Teeworlds server did not properly handler certain network traffic. A remote, unauthenticated attacker could use this vulnerability to cause Teeworlds server to crash.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-12066
MD5 | 67e2f0aab1a5f038566b1636c11f252b
Ubuntu Security Notice USN-4552-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4552-1 - Malte Kraus discovered that Pam-python mishandled certain environment variables. A local attacker could potentially use this vulnerability to execute programs as root.

tags | advisory, local, root, python
systems | linux, ubuntu
advisories | CVE-2019-16729
MD5 | 9b50a0e88882a3a241628e82fb4462d0
Ubuntu Security Notice USN-4550-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4550-1 - Ryan Hall discovered that DPDK incorrectly handled vhost crypto. An attacker inside a guest could use these issues to perform multiple attacks, including denial of service attacks, obtaining sensitive information from the host, and possibly executing arbitrary code on the host.

tags | advisory, denial of service, arbitrary, crypto
systems | linux, ubuntu
advisories | CVE-2020-14374, CVE-2020-14378
MD5 | 078d6a4237c00a31ffbd2417dbef8c6b
Ubuntu Security Notice USN-4551-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4551-1 - Alex Rousskov and Amit Klein discovered that Squid incorrectly handled certain Content-Length headers. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. Amit Klein discovered that Squid incorrectly validated certain data. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. Various other issues were also addressed.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2020-15049, CVE-2020-15810, CVE-2020-15811, CVE-2020-24606
MD5 | 3eafffe142c5a1479c54fa5c9e297c33
Ubuntu Security Notice USN-4547-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4547-1 - It was discovered that an information disclosure vulnerability existed in the LibVNCServer vendored in iTALC when sending a ServerCutText message. An attacker could possibly use this issue to expose sensitive information. It was discovered that the LibVNCServer and LibVNCClient vendored in iTALC incorrectly handled certain packet lengths. A remote attacker could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, info disclosure
systems | linux, ubuntu
advisories | CVE-2018-15127, CVE-2018-20022, CVE-2018-20023, CVE-2018-20024, CVE-2018-20749, CVE-2018-7225, CVE-2019-15681
MD5 | 9922e4b06254766557616cfff60d0f5a
Ubuntu Security Notice USN-4548-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4548-1 - It was discovered that libuv incorrectly handled certain paths. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-8252
MD5 | 832078b9dd177bb1e72d7406a5622c23
Ubuntu Security Notice USN-4549-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4549-1 - It was discovered that ImageMagick incorrectly handled certain specially crafted image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or other unspecified impact.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-19948
MD5 | 2b0f47f2e4fb8160b47c063317689024
Ubuntu Security Notice USN-3968-3
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3968-3 - USN-3968-1 fixed several vulnerabilities in Sudo. This update provides the corresponding update for Ubuntu 14.04 ESM. Florian Weimer discovered that Sudo incorrectly handled the noexec restriction when used with certain applications. A local attacker could possibly use this issue to bypass configured restrictions and execute arbitrary commands. Various other issues were also addressed.

tags | advisory, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-7032
MD5 | 6044cf85ada96b50d32b99b140fb790d
Ubuntu Security Notice USN-4546-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4546-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting attacks, spoof the site displayed in the download dialog, or execute arbitrary code.

tags | advisory, denial of service, arbitrary, spoof, xss
systems | linux, ubuntu
advisories | CVE-2020-15673, CVE-2020-15677
MD5 | f02d01635a1ac2eedfe980130e35d00a
Ubuntu Security Notice USN-4545-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4545-1 - It was discovered that libquicktime incorrectly handled certain malformed MP4 files. If a user were tricked into opening a specially crafted MP4 file, a remote attacker could use this issue to cause a denial of service. It was discovered that libquicktime incorrectly handled certain malformed MP4 files. If a user were tricked into opening a specially crafted MP4 file, a remote attacker could use this issue to cause libquicktime to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-9122, CVE-2017-9125, CVE-2017-9126, CVE-2017-9127
MD5 | 82a9122d668579c365d56e1def5f7ce8
Ubuntu Security Notice USN-4541-1
Posted Sep 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4541-1 - Tim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars discovered that Gnuplot did not properly validate string sizes in the df_generate_ascii_array_entry function. An attacker could possibly use this issue to cause a heap buffer overflow, resulting in a denial of service attack or arbitrary code execution. Tim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars discovered that Gnuplot did not properly validate string sizes in the PS_options function when the Gnuplot postscript terminal is used as a backend. An attacker could possibly use this issue to cause a buffer overflow, resulting in a denial of service attack or arbitrary code execution. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, code execution
systems | linux, ubuntu
advisories | CVE-2018-19490, CVE-2018-19491, CVE-2018-19492
MD5 | a2d584e45b3bcb0222cfcf7ec75368ab
Ubuntu Security Notice USN-4543-1
Posted Sep 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4543-1 - Michaƅ‚ Bentkowski discovered that Sanitize did not properly sanitize some math or svg HTML under certain circumstances. A remote attacker could potentially exploit this to conduct cross-site scripting attacks.

tags | advisory, remote, xss
systems | linux, ubuntu
advisories | CVE-2020-4054
MD5 | f7276c40d308ac3763e9648293aba821
Ubuntu Security Notice USN-4542-1
Posted Sep 26, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4542-1 - It was discovered that MiniUPnPd did not properly validate callback addresses. A remote attacker could possibly use this issue to expose sensitive information. It was discovered that MiniUPnPd incorrectly handled unpopulated user XML input. An attacker could possibly use this issue to cause MiniUPnPd to crash, resulting in a denial of service. It was discovered that MiniUPnPd incorrectly handled an empty description when port mapping. An attacker could possibly use this issue to cause MiniUPnPd to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2019-12107, CVE-2019-12110, CVE-2019-12111
MD5 | 74d311d5f6eb54781286c7b5650a1990
Ubuntu Security Notice USN-4540-1
Posted Sep 25, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4540-1 - Denis Andzakovic discovered that atftpd incorrectly handled certain malformed packets. A remote attacker could send a specially crafted packet to cause atftpd to crash, resulting in a denial of service. Denis Andzakovic discovered that atftpd did not properly lock the thread list mutex. An attacker could send a large number of tftpd packets simultaneously when running atftpd in daemon mode to cause atftpd to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2019-11365, CVE-2019-11366
MD5 | 85a92f5a6833b52838d668bab5904769
Page 2 of 277
Back12345Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close