exploit the possibilities
Showing 51 - 75 of 6,760 RSS Feed

Operating System: Ubuntu

Ubuntu Security Notice USN-4401-1
Posted Jun 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4401-1 - It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to enable MITM attacks. It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to proceeds with a connection even if the user rejects an expired intermediate certificate. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-14093, CVE-2020-14154
MD5 | 1cf0224012a5ab76303481a81487a564
Ubuntu Security Notice USN-4400-1
Posted Jun 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4400-1 - It was discovered that the nfs-utils package set incorrect permissions on the /var/lib/nfs directory. An attacker could possibly use this issue to escalate privileges.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-3689
MD5 | c4dc39324720975af5d08962b2ee0726
Ubuntu Security Notice USN-4399-1
Posted Jun 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4399-1 - It was discovered that Bind incorrectly handled large responses during zone transfers. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. It was discovered that Bind incorrectly handled certain asterisk characters in zone files. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-8618, CVE-2020-8619
MD5 | a0530899b395851dffa5d9842ee214cb
Cayin CMS NTP Server 11.0 Remote Code Execution
Posted Jun 18, 2020
Authored by LiquidWorm, h00die | Site metasploit.com

This Metasploit module exploits an authenticated remote code execution vulnerability in Cayin CMS versions 11.0 and below. The code execution is executed in the system_service.cgi file's ntpIp Parameter. The field is limited in size, so repeated requests are made to achieve a larger payload. Cayin CMS-SE is built for Ubuntu 16.04 (20.04 failed to install correctly), so the environment should be pretty set and not dynamic between targets. Results in root level access.

tags | exploit, remote, cgi, root, code execution
systems | linux, ubuntu
advisories | CVE-2020-7357
MD5 | 5b71abbf1e64c3cce0a48cc8d48f03b0
Ubuntu Security Notice USN-4397-2
Posted Jun 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4397-2 - USN-4397-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Cesar Pereida Garcia discovered that NSS incorrectly handled DSA key generation. A local attacker could possibly use this issue to perform a timing attack and recover DSA keys. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2020-12399
MD5 | 59cf6ce8a438927a2d01029a21c63e00
Ubuntu Security Notice USN-4398-2
Posted Jun 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4398-2 - USN-4398-1 fixed a vulnerability in DBus. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Kevin Backhouse discovered that DBus incorrectly handled file descriptors. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2020-12049
MD5 | b79c5bba9ef0577e9f937bfded9fe33b
Ubuntu Security Notice USN-4398-1
Posted Jun 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4398-1 - Kevin Backhouse discovered that DBus incorrectly handled file descriptors. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2020-12049
MD5 | 50b7c9b6dbf13f5c1ef112217cec9aa5
Ubuntu Security Notice USN-4397-1
Posted Jun 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4397-1 - It was discovered that NSS incorrectly handled the TLS State Machine. A remote attacker could possibly use this issue to cause NSS to hang, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.10. Cesar Pereida Garcia discovered that NSS incorrectly handled DSA key generation. A local attacker could possibly use this issue to perform a timing attack and recover DSA keys. Various other issues were also addressed.

tags | advisory, remote, denial of service, local
systems | linux, ubuntu
advisories | CVE-2019-17023, CVE-2020-12399
MD5 | 394e975df72ff7664f636a86cddc7604
Ubuntu Security Notice USN-4396-1
Posted Jun 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4396-1 - It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause a remote denial of service. It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information or cause a crash. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-0093, CVE-2020-0198, CVE-2020-13112, CVE-2020-13113, CVE-2020-13114
MD5 | 466748276da154c4e747a60f437d13cf
Ubuntu Security Notice USN-4315-2
Posted Jun 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4315-2 - USN-4315-1 fixed several vulnerabilities in Apport. This update provides the corresponding update for Ubuntu 14.04 ESM. Maximilien Bourgeteau discovered that the Apport lock file was created with insecure permissions. This could allow a local attacker to escalate their privileges via a symlink attack. Various other issues were also addressed.

tags | advisory, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-8831, CVE-2020-8833
MD5 | 827ac63900fe80f5023afec6f68d9314
Ubuntu Security Notice USN-4395-1
Posted Jun 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4395-1 - Justin Steven discovered that fwupd incorrectly handled certain signature verification. An attacker could possibly use this issue to install an unsigned firmware.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-10759
MD5 | e726eaf20f4ce578a8ddc909a4c7d546
Ubuntu Security Notice USN-4385-2
Posted Jun 11, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4385-2 - USN-4385-1 provided updated Intel Processor Microcode. Unfortunately, that update prevented certain processors in the Intel Skylake family from booting successfully. Additionally, on Ubuntu 20.04 LTS, late loading of microcode was enabled, which could lead to system instability. This update reverts the microcode update for the Skylake processor family and disables the late loading option on Ubuntu 20.04 LTS. Please note that the 'dis_ucode_ldr' kernel command line option can be added in the boot menu to disable microcode loading for system recovery. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2020-0543, CVE-2020-0548, CVE-2020-0549
MD5 | e73d5f6c4c88bce23e85bfb3e434f4f6
Ubuntu Security Notice USN-4394-1
Posted Jun 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4394-1 - It was discovered that SQLite incorrectly handled certain corrupted schemas. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discovered that SQLite incorrectly handled certain SELECT statements. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 19.10. It was discovered that SQLite incorrectly handled certain self-referential views. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 19.10. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-8740, CVE-2019-19603, CVE-2019-19645, CVE-2020-11655, CVE-2020-13434, CVE-2020-13435, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632
MD5 | e3dedeb86a376828ffad5372817480ff
Ubuntu Security Notice USN-4392-1
Posted Jun 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4392-1 - It was discovered that the Marvell WiFi-Ex Driver in the Linux kernel did not properly validate status lengths in messages received from an access point, leading to a buffer overflow. A physically proximate attacker controlling an access point could use this to construct messages that could possibly result in arbitrary code execution. It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, overflow, arbitrary, kernel, local, code execution
systems | linux, ubuntu
advisories | CVE-2020-0543, CVE-2020-12114, CVE-2020-12654
MD5 | 2a8d26a4c0fc30acb37659ae44687215
Ubuntu Security Notice USN-4388-1
Posted Jun 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4388-1 - It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information. It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-0067, CVE-2020-0543, CVE-2020-12114, CVE-2020-12464, CVE-2020-12659, CVE-2020-1749
MD5 | 3cd7fbe81c4015ba8baf954c820314b8
Ubuntu Security Notice USN-4391-1
Posted Jun 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4391-1 - It was discovered that the ext4 file system implementation in the Linux kernel did not properly handle setxattr operations in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-19319, CVE-2020-0543, CVE-2020-10751, CVE-2020-12114, CVE-2020-12464, CVE-2020-12769, CVE-2020-12826, CVE-2020-1749
MD5 | b9a5c4d0b8f881b21288f5e8a866b693
Ubuntu Security Notice USN-4389-1
Posted Jun 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4389-1 - It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information. It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-0067, CVE-2020-0543, CVE-2020-10751, CVE-2020-12114, CVE-2020-12464, CVE-2020-12659
MD5 | a93cc4b0befc248853b45d9e0467a27f
Ubuntu Security Notice USN-4390-1
Posted Jun 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4390-1 - It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information. It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-0067, CVE-2020-0543, CVE-2020-10751, CVE-2020-12114, CVE-2020-12464, CVE-2020-1749
MD5 | f002116a7b317689b84b6b58abae7aff
Ubuntu Security Notice USN-4393-1
Posted Jun 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4393-1 - It was discovered that the Marvell WiFi-Ex Driver in the Linux kernel did not properly validate status lengths in messages received from an access point, leading to a buffer overflow. A physically proximate attacker controlling an access point could use this to construct messages that could possibly result in arbitrary code execution. It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, overflow, arbitrary, kernel, local, code execution
systems | linux, ubuntu
advisories | CVE-2020-0543, CVE-2020-12654
MD5 | 1c2083f7dc6855a4a9ae2d20008669a7
Ubuntu Security Notice USN-4387-1
Posted Jun 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4387-1 - It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information. It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-0067, CVE-2020-0543, CVE-2020-12114, CVE-2020-12464, CVE-2020-12659
MD5 | 71371ab954b312b6f8dee337cb7072e8
Ubuntu Security Notice USN-4385-1
Posted Jun 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4385-1 - It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. It was discovered that on some Intel processors, partial data values previously read from a vector register on a physical core may be propagated into unused portions of the store buffer. A local attacker could possible use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2020-0543, CVE-2020-0548, CVE-2020-0549
MD5 | ddedba3354363299d3f430d3dfcbc404
Ubuntu Security Notice USN-4386-1
Posted Jun 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4386-1 - It was discovered that libjpeg-turbo incorrectly handled certain PPM files. An attacker could possibly use this issue to access sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-13790
MD5 | f6ef8e013b98a6282e03e5226972c220
Ubuntu Security Notice USN-4384-1
Posted Jun 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4384-1 - It was discovered that GnuTLS incorrectly handled session ticket encryption keys. A remote attacker could possibly use this issue to bypass authentication or recover sensitive information.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-13777
MD5 | 188a62341c3f26b400b7b9d2dfdb8270
Ubuntu Security Notice USN-4383-1
Posted Jun 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4383-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the addressbar, or execute arbitrary code. It was discovered that NSS showed timing differences when performing DSA signatures. An attacker could potentially exploit this to obtain private keys using a timing attack. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2020-12399, CVE-2020-12407, CVE-2020-12408, CVE-2020-12411
MD5 | 7008565679641f0d4d2c4c80f6ec42cf
Ubuntu Security Notice USN-4382-1
Posted Jun 4, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4382-1 - It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-11042, CVE-2020-11049, CVE-2020-11523, CVE-2020-13397
MD5 | d66aa9aa039b0b13b0421f5b3b6dcb06
Page 3 of 271
Back12345Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    2 Files
  • 2
    Aug 2nd
    3 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    0 Files
  • 5
    Aug 5th
    0 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close