Lucene search
K

692 matches found

UbuntuCve
UbuntuCve
added 2015/04/14 12:0 a.m.34 views

CVE-2015-1318

The crash reporting feature in Apport 2.13 through 2.17.x before 2.17.1 allows local users to gain privileges via a crafted usr/share/apport/apport file in a namespace container...

7.2CVSS7AI score0.04187EPSS
Exploits12References2
OpenVAS
OpenVAS
added 2013/10/29 12:0 a.m.23 views

Ubuntu Update for apport USN-2007-1

Check for the Version of apport OpenVAS Vulnerability Test $Id: gbubuntuUSN20071.nasl 8456 2018-01-18 06:58:40Z teissa $ Ubuntu Update for apport USN-2007-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software;...

4.9CVSS6.5AI score0.00402EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/10/29 12:0 a.m.24 views

Ubuntu: Security Advisory (USN-2007-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.9CVSS6.6AI score0.00402EPSS
Exploits0References2
securityvulns
securityvulns
added 2013/10/28 12:0 a.m.54 views

[USN-2007-1] Apport vulnerability

========================================================================== Ubuntu Security Notice USN-2007-1 October 24, 2013 apport vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

4.9CVSS6AI score0.00402EPSS
Exploits0
NVD
NVD
added 2013/10/25 11:55 p.m.21 views

CVE-2013-1067

Apport 2.12.5 and earlier uses weak permissions for core dump files created by setuid binaries, which allows local users to obtain sensitive information by reading the file...

4.9CVSS5.7AI score0.00402EPSS
Exploits0References1
Prion
Prion
added 2013/10/25 11:55 p.m.15 views

Design/Logic Flaw

Apport 2.12.5 and earlier uses weak permissions for core dump files created by setuid binaries, which allows local users to obtain sensitive information by reading the file...

4.9CVSS6.2AI score0.00402EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2013/10/25 11:0 p.m.45 views

CVE-2013-1067

CVE-2013-1067 affects Apport. Connected sources confirm that Apport 2.12.5 and earlier leave core-dump files created by setuid binaries with weak permissions, enabling local users to read privileged information. This is the root cause described across Red Hat, SUSE, and Ubuntu advisories. Exploit...

4.9CVSS5.7AI score0.00402EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2013/10/25 11:0 p.m.24 views

CVE-2013-1067

Apport 2.12.5 and earlier uses weak permissions for core dump files created by setuid binaries, which allows local users to obtain sensitive information by reading the file...

5.6AI score0.00402EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/10/25 12:0 a.m.23 views

Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : apport vulnerability (USN-2007-1)

Martin Carpenter discovered that Apport set incorrect permissions on core dump files generated by setuid binaries. A local attacker could possibly use this issue to obtain privileged information. Note that Tenable Network Security has extracted the preceding description block directly from the...

4.9CVSS5.4AI score0.00402EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2013/10/24 4:39 p.m.49 views

USN-2007-1: Apport vulnerability

Martin Carpenter discovered that Apport set incorrect permissions on core dump files generated by setuid binaries. A local attacker could possibly use this issue to obtain privileged information...

4.9CVSS5.3AI score0.00402EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2013/10/24 12:0 a.m.19 views

CVE-2013-1067

Apport 2.12.5 and earlier uses weak permissions for core dump files created by setuid binaries, which allows local users to obtain sensitive information by reading the file...

4.9CVSS5.9AI score0.00402EPSS
Exploits0References2
securityvulns
securityvulns
added 2013/01/02 12:0 a.m.46 views

[USN-1668-1] Apport update

========================================================================== Ubuntu Security Notice USN-1668-1 December 17, 2012 apport update ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

7.2AI score
Exploits0
OpenVAS
OpenVAS
added 2012/12/18 12:0 a.m.9 views

Ubuntu Update for apport USN-1668-1

Ubuntu Update for Linux kernel vulnerabilities USN-1668-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16681.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for apport USN-1668-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

7.4AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2012/12/18 12:0 a.m.16 views

Ubuntu 10.04 LTS / 11.10 / 12.04 LTS : apport update (USN-1668-1)

Dan Rosenberg discovered that an application running under an AppArmor profile that allowed unconfined execution of apport-bug could escape confinement by calling apport-bug with a crafted environment. While not a vulnerability in apport itself, this update mitigates the issue by sanitizing certa...

5.6AI score
Exploits0References1
OpenVAS
OpenVAS
added 2012/12/18 12:0 a.m.10 views

Ubuntu: Security Advisory (USN-1668-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References3
Ubuntu
Ubuntu
added 2012/12/17 10:54 p.m.34 views

USN-1668-1: Apport update

Dan Rosenberg discovered that an application running under an AppArmor profile that allowed unconfined execution of apport-bug could escape confinement by calling apport-bug with a crafted environment. While not a vulnerability in apport itself, this update mitigates the issue by sanitizing certa...

5.6AI score
Exploits0References1
Prion
Prion
added 2012/06/19 8:55 p.m.18 views

Design/Logic Flaw

The Apport hook DistUpgradeApport.py in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uploads the /var/log/dist-upgrade directory when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report. NOTE: this vulnerabilit...

5CVSS6.8AI score0.02118EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2012/06/19 8:0 p.m.68 views

CVE-2012-0950

The CVE-2012-0950 vulnerability concerns the Apport hook (DistUpgradeApport.py) in Ubuntu Update Manager: when reporting bugs to Launchpad it uploads /var/log/dist-upgrade, potentially exposing repository credentials in a public bug report. This exists because of an incomplete fix for CVE-2012-09...

5CVSS6.6AI score0.01779EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2012/06/04 12:0 a.m.37 views

CVE-2012-0950

The Apport hook DistUpgradeApport.py in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uploads the /var/log/dist-upgrade directory when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report. NOTE: this vulnerabilit...

5CVSS5.9AI score0.01779EPSS
Exploits0References2
Prion
Prion
added 2012/05/31 5:55 p.m.22 views

Design/Logic Flaw

The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, and 11.04 uploads certain system state archive files when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report...

5CVSS6.7AI score0.02118EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder