19 matches found
EUVD-2019-16850
Malware in sbrugna...
EUVD-2012-0972
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-7306
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames an...
SUSE CVE-2021-32547
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-lts package apport hooks, it could expose private data to other local users...
Ubuntu 16.04 ESM : Byobu vulnerability (USN-5234-1)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-5234-1 advisory. Sander Bos discovered that Byobu incorrectly handled certain Apport data. An attacker could possibly use this issue to expose sensitive information. Tenable has...
CVE-2021-32550
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users...
CVE-2019-7306
Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords. This issue affects: byobu...
CVE-2019-7306
Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords. This issue affects: byobu...
DEBIAN-CVE-2019-7306
Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords. This issue affects: byobu...
UBUNTU-CVE-2019-7306
Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords. This issue affects: byobu...
CVE-2019-7306
CVE-2019-7306 concerns Byobu, where the Apport hook may disclose sensitive information by auto-uploading the local user’s .screenrc (potentially exposing hostnames, usernames, and passwords). The connected OSV/Ubuntu entries confirm Byobu as the affected component and describe the disclosure risk...
CVE-2019-7306 Byobu apport hook uploads user's ~/.screenrc
Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords. This issue affects: byobu...
Design/Logic Flaw
The Apport hook DistUpgradeApport.py in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uploads the /var/log/dist-upgrade directory when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report. NOTE: this vulnerabilit...
CVE-2012-0950
The CVE-2012-0950 vulnerability concerns the Apport hook (DistUpgradeApport.py) in Ubuntu Update Manager: when reporting bugs to Launchpad it uploads /var/log/dist-upgrade, potentially exposing repository credentials in a public bug report. This exists because of an incomplete fix for CVE-2012-09...
CVE-2012-0950
The Apport hook DistUpgradeApport.py in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uploads the /var/log/dist-upgrade directory when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report. NOTE: this vulnerabilit...
Design/Logic Flaw
The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, and 11.04 uploads certain system state archive files when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report...
CVE-2012-0949
CVE-2012-0949 affects the Ubuntu Update Manager Apport hook (DistUpgradeApport.py) used in Ubuntu 12.04 LTS, 11.10 and 11.04. The vulnerability arises when reporting bugs to Launchpad, where certain system state archive files could be uploaded, allowing remote attackers to read repository credent...
Ubuntu 11.04 / 11.10 / 12.04 LTS : update-manager vulnerabilities (USN-1443-1)
It was discovered that Update Manager created system state archive files with incorrect permissions when upgrading releases. A local user could possibly use this to read repository credentials. CVE-2012-0948 Felix Geyer discovered that the Update Manager Apport hook incorrectly uploaded certain...
CVE-2012-0949
The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, and 11.04 uploads certain system state archive files when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report...