27 matches found
Ubuntu: Security Advisory (USN-4247-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
cfsshtunnel (>=0.1.7 <=0.2.1), click-reviewers-tools (>=0.70.0 <=0.84.0) +2 more potentially affected by CVE-2019-15796 via python-apt (=0.7.8)
python-apt PYPI version =0.7.8 is affected by a known vulnerability. The following packages have a transitive dependency on python-apt and may be impacted: - cfsshtunnel =0.1.7, =0.70.0, =0.84.0 - craft-parts =1.19.8 - plex-updater =0.1.0 Source cves: CVE-2019-15796 Source advisory:...
Siemens SIMATIC Controller Web Servers Uncaught Exception (CVE-2020-15796)
A vulnerability has been identified in SIMATIC ET 200SP Open Controller incl. SIPLUS variants V20.8, SIMATIC S7-1500 Software Controller V20.8. The web server of the affected products contains a vulnerability that could allow a remote attacker to trigger a denial-of-service condition by sending a...
CVE-2020-15796
creationtimestamp| type| source ---|---|--- 2020-12-15 00:39:24+00:00| seen| https://t.me/cibsecurity/20780...
CVE-2020-15796
CVE-2020-15796 affects Siemens SIMATIC Controller Web Servers, specifically the web servers in SIMATIC ET 200SP Open Controller (incl. SIPLUS variants, V20.8) and SIMATIC S7-1500 Software Controller (V20.8) . The vulnerability stems from an Uncaught Exception (CWE-248) in the web server, which co...
Siemens SIMATIC Controller Web Servers
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC Controller Web Servers Vulnerability: Uncaught Exception 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a...
CVE-2019-15796
creationtimestamp| type| source ---|---|--- 2020-03-26 15:52:29+00:00| seen| https://t.me/cibsecurity/10752...
CVE-2019-15796
Python-apt doesn't check if hashes are signed in Version.fetchbinary and Version.fetchsource of apt/package.py or in fetcharchives of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows downloads from unsigned repositories which shouldn't be allowed and has been fixed in verisions 1.9.5...
DEBIAN-CVE-2019-15796
Python-apt doesn't check if hashes are signed in Version.fetchbinary and Version.fetchsource of apt/package.py or in fetcharchives of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows downloads from unsigned repositories which shouldn't be allowed and has been fixed in verisions 1.9.5...
CVE-2019-15796 python-apt downloads from untrusted sources
Python-apt doesn't check if hashes are signed in Version.fetchbinary and Version.fetchsource of apt/package.py or in fetcharchives of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows downloads from unsigned repositories which shouldn't be allowed and has been fixed in verisions 1.9.5...
CVE-2019-15796
CVE-2019-15796 affects the Python-apt package where Version.fetch_binary(), Version.fetch_source(), and _fetch_archives() did not verify signed hashes in versions up to 1.9.3ubuntu2, enabling downloads from unsigned repositories. The issue has been fixed in versions 1.9.5, 1.9.0ubuntu1.2, 1.6.5ub...
USN-4247-2: python-apt regression | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description USN-4247-1 fixed vulnerabilities in python-apt. The updated packages caused a regression when attempting to upgrade to a new Ubuntu release. This update fixes the problem. We apologize for the...
USN-4247-1: python-apt vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be...
Debian: Security Advisory (DLA-2074-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2074-1 : python-apt security update
Several issues have been found in python-apt, a python interface to libapt-pkg. CVE-2019-15795 It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be...
[SECURITY] [DLA 2074-1] python-apt security update
Package : python-apt Version : 0.9.3.13 CVE ID : CVE-2019-15795 CVE-2019-15796 Debian Bug : 944696 Several issues have been found in python-apt, a python interface to libapt-pkg. CVE-2019-15795 It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. I...
USN-4247-3 python-apt vulnerabilities
USN-4247-1 fixed several vulnerabilities in python-apt. This update provides the corresponding updates for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker...
Ubuntu 16.04 LTS / 18.04 LTS : python-apt vulnerabilities (USN-4247-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4247-1 advisory. It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perfo...
Ubuntu: Security Advisory (USN-4247-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS : python-apt regression (USN-4247-2)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4247-2 advisory. USN-4247-1 fixed vulnerabilities in python-apt. The updated packages caused a regression when attempting to upgrade to a new Ubuntu release. This upda...