exploit the possibilities
Showing 101 - 125 of 6,944 RSS Feed

Operating System: Ubuntu

Ubuntu Security Notice USN-4513-1
Posted Sep 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4513-1 - Dileep Kumar Jallepalli discovered that apng2gif incorrectly handled loading APNG files. An attacker could exploit this with a crafted APNG file to access sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2017-6960
MD5 | 27472ebc39f9b826574aa1d2c851a56f
Ubuntu Security Notice USN-4510-2
Posted Sep 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4510-2 - USN-4510-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 14.04 ESM. Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. A remote attacker could use this issue to forge an authentication token and steal the credentials of the domain admin. Various other issues were also addressed.

tags | advisory, remote, protocol
systems | linux, ubuntu
advisories | CVE-2020-1472
MD5 | 2ed34d2ad5e9cf444a3751d103669b60
Ubuntu Security Notice USN-4510-1
Posted Sep 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4510-1 - Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. A remote attacker could use this issue to forge an authentication token and steal the credentials of the domain admin. This update fixes the issue by changing the "server schannel" setting to default to "yes", instead of "auto", which will force a secure netlogon channel. This may result in compatibility issues with older devices. A future update may allow a finer-grained control over this setting. Various other issues were also addressed.

tags | advisory, remote, protocol
systems | linux, ubuntu
advisories | CVE-2020-1472
MD5 | 0b446579b7c7dc87b52c723cb2687955
Ubuntu Security Notice USN-4511-1
Posted Sep 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4511-1 - Ziming Zhang, Xiao Wei, Gonglei Arei, and Yanyu Zhang discovered that QEMU incorrectly handled certain USB packets. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-14364
MD5 | 28c1044e14180afb062723f5ff0c647f
Ubuntu Security Notice USN-4512-1
Posted Sep 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4512-1 - It was discovered that the umount bash completion script shipped in util-linux incorrectly handled certain mountpoints. If a local attacker were able to create arbitrary mountpoints, another user could be tricked into executing arbitrary code when attempting to run the umount command with bash completion.

tags | advisory, arbitrary, local, bash
systems | linux, ubuntu
advisories | CVE-2018-7738
MD5 | fd698bcee448baf8032ab156756cd4d9
Ubuntu Security Notice USN-4509-1
Posted Sep 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4509-1 - It was discovered that Perl DBI module incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. It was discovered that Perl DBI module incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information.

tags | advisory, arbitrary, perl
systems | linux, ubuntu
advisories | CVE-2013-7490, CVE-2014-10401
MD5 | 7a67357d513658a17198146503a551a7
Ubuntu Security Notice USN-4508-1
Posted Sep 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4508-1 - It was discovered that StoreBackup did not properly manage lock files. A local attacker could use this issue to cause a denial of service or escalate privileges and run arbitrary code.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2020-7040
MD5 | 3a173c8e1adaa02f65abf5fc9ae3a802
Ubuntu Security Notice USN-4507-1
Posted Sep 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4507-1 - It was discovered that ncmpc incorrectly handled long chat messages. A remote attacker could possibly exploit this with a crafted chat message, causing ncmpc to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-9240
MD5 | ab3bfe7e87e99103331e759966ce1d69
Ubuntu Security Notice USN-4506-1
Posted Sep 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4506-1 - It was discovered that MCabber does not properly manage roster pushes. An attacker could possibly use this issue to remotely perform man-in-the-middle attacks.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2016-9928
MD5 | d0eefcefa486225d47bd0cc965a0c40b
Ubuntu Security Notice USN-4505-1
Posted Sep 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4505-1 - Elar Lang discovered that PHPMailer did not properly escape double quote characters in filenames. A remote attacker could possibly exploit this with a crafted filename to bypass attachment filters that are based on matching filename extensions.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-13625
MD5 | 46ec287f0b6d41563b065bf71592199c
Ubuntu Security Notice USN-4504-1
Posted Sep 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4504-1 - Robert Merget, Marcus Brinkmann, Nimrod Aviram, and Juraj Somorovsky discovered that certain Diffie-Hellman ciphersuites in the TLS specification and implemented by OpenSSL contained a flaw. A remote attacker could possibly use this issue to eavesdrop on encrypted communications. This was fixed in this update by removing the insecure ciphersuites from OpenSSL. Cesar Pereida GarcĂ­a, Sohaib ul Hassan, Nicola Tuveri, Iaroslav Gridin, Alejandro Cabrera Aldaya, and Billy Brumley discovered that OpenSSL incorrectly handled ECDSA signatures. An attacker could possibly use this issue to perform a timing side-channel attack and recover private ECDSA keys. This issue only affected Ubuntu 18.04 LTS. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2019-1547, CVE-2019-1551, CVE-2019-1563, CVE-2020-1968
MD5 | f3b44e23570e906ce90abb2252627ce0
Ubuntu Security Notice USN-4503-1
Posted Sep 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4503-1 - It was discovered that Perl DBI module incorrectly handled certain calls. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary, perl
systems | linux, ubuntu
advisories | CVE-2020-14392
MD5 | 958a8420e097c7d493f17f891bd131ac
Ubuntu Security Notice USN-4502-1
Posted Sep 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4502-1 - It was discovered that websocket-extensions does not properly parse special headers. A remote attacker could use this issue to cause regex backtracking, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-7663
MD5 | c563667327f276d584068ddbc1ee1247
Ubuntu Security Notice USN-4501-1
Posted Sep 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4501-1 - It was discovered that an out-of-bounds read existed in LuaJIT. An attacker could use this to cause a denial of service or possibly expose sensitive information.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2020-15890
MD5 | 5d05a6843c1b85d15a31054694f8bdaf
Ubuntu Security Notice USN-4500-1
Posted Sep 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4500-1 - It was discovered that bsdiff mishandled certain input. If a user were tricked into opening a malicious file, an attacker could cause bsdiff to crash or potentially execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-9862
MD5 | b37913b8d4b9440c2789a61ad4522b28
Ubuntu Security Notice USN-4498-1
Posted Sep 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4498-1 - It was discovered that Loofah does not properly sanitize JavaScript in sanitized output. An attacker could possibly use this issue to perform XSS attacks.

tags | advisory, javascript
systems | linux, ubuntu
advisories | CVE-2019-15587
MD5 | 6eac9fcb798ddbf5f49ddfe1d19dc45c
Ubuntu Security Notice USN-4499-1
Posted Sep 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4499-1 - It was discovered that MilkyTracker did not properly handle certain input. If a user were tricked into opening a malicious file, an attacker could cause MilkyTracker to crash or potentially execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-14464
MD5 | e199f72f3bebcdbbe13c21e7f3ec3cd6
Ubuntu Security Notice USN-4497-1
Posted Sep 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4497-1 - It was discovered that OpenJPEG incorrectly handled certain image files. A remote attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJPEG did not properly handle certain input. If OpenJPEG were supplied with specially crafted input, it could be made to crash or potentially execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-9112, CVE-2019-12973
MD5 | 0a7348f18700c4718d1a51b1ec948ec8
Ubuntu Security Notice USN-4496-1
Posted Sep 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4496-1 - It was discovered that Apache XML-RPC does not properly deserialize untrusted data. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-17570
MD5 | 6330c73db46444a7913ad3b866d1ff4e
Ubuntu Security Notice USN-4495-1
Posted Sep 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4495-1 - It was discovered that Apache Log4j does not properly deserialize untrusted data. An attacker could possibly use this issue to remotely execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-17571
MD5 | 49cf86003e5792eeed93a708ed87ef5d
Ubuntu Security Notice USN-4494-1
Posted Sep 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4494-1 - It was discovered that GUPnP incorrectly handled certain subscription requests. A remote attacker could possibly use this issue to exfiltrate data or use GUPnP to perform DDoS attacks.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-12695
MD5 | 9812b5ed9d7cae11c7449b6333755453
Ubuntu Security Notice USN-4488-2
Posted Sep 9, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4488-2 - USN-4488-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update and also the update from USN-4490-1 for Ubuntu 14.04 ESM. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the input extension protocol. A local attacker could possibly use this issue to escalate privileges. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly initialized memory. A local attacker could possibly use this issue to obtain sensitive information. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XkbSelectEvents function. A local attacker could possibly use this issue to escalate privileges. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XRecordRegisterClients function. A local attacker could possibly use this issue to escalate privileges.

tags | advisory, local, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2020-14345, CVE-2020-14346, CVE-2020-14347, CVE-2020-14361, CVE-2020-14362
MD5 | 2c21e36caf7b07e3cf7bab5cb7a9f1d9
Ubuntu Security Notice USN-4491-1
Posted Sep 9, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4491-1 - It was discovered that GnuTLS incorrectly handled certain alerts when being used with TLS 1.3 servers. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-24659
MD5 | 850846219cfdc31cd7162b083b8e91e8
Ubuntu Security Notice USN-4487-2
Posted Sep 8, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4487-2 - USN-4487-1 fixed several vulnerabilities in libx11. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Todd Carson discovered that libx11 incorrectly handled certain memory operations. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-14344, CVE-2020-14363
MD5 | 7b5ef11330385584e46af64155d4486c
Ubuntu Security Notice USN-4490-1
Posted Sep 8, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4490-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XkbSetNames function. A local attacker could possibly use this issue to escalate privileges.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2020-14345
MD5 | 19cdf17747d7e092e4f8abf0216678ca
Page 5 of 278
Back34567Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    19 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close