Lucene search
+L

695 matches found

CVE
CVE
added 2012/06/19 8:0 p.m.71 views

CVE-2012-0950

The CVE-2012-0950 vulnerability concerns the Apport hook (DistUpgradeApport.py) in Ubuntu Update Manager: when reporting bugs to Launchpad it uploads /var/log/dist-upgrade, potentially exposing repository credentials in a public bug report. This exists because of an incomplete fix for CVE-2012-09...

5CVSS6.6AI score0.01779EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2012/06/04 12:0 a.m.37 views

CVE-2012-0950

The Apport hook DistUpgradeApport.py in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uploads the /var/log/dist-upgrade directory when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report. NOTE: this vulnerabilit...

5CVSS5.9AI score0.01779EPSS
Exploits0References2
Prion
Prion
added 2012/05/31 5:55 p.m.23 views

Design/Logic Flaw

The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, and 11.04 uploads certain system state archive files when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report...

5CVSS6.7AI score0.02118EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2012/05/31 5:0 p.m.64 views

CVE-2012-0949

CVE-2012-0949 affects the Ubuntu Update Manager Apport hook (DistUpgradeApport.py) used in Ubuntu 12.04 LTS, 11.10 and 11.04. The vulnerability arises when reporting bugs to Launchpad, where certain system state archive files could be uploaded, allowing remote attackers to read repository credent...

5CVSS6.5AI score0.02118EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2012/05/18 12:0 a.m.24 views

Ubuntu 11.04 / 11.10 / 12.04 LTS : update-manager vulnerabilities (USN-1443-1)

It was discovered that Update Manager created system state archive files with incorrect permissions when upgrading releases. A local user could possibly use this to read repository credentials. CVE-2012-0948 Felix Geyer discovered that the Update Manager Apport hook incorrectly uploaded certain...

5CVSS5.4AI score0.02118EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2012/05/17 12:0 a.m.25 views

CVE-2012-0949

The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, and 11.04 uploads certain system state archive files when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report...

5CVSS5.9AI score0.02118EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.21 views

openSUSE Security Update : apport (apport-816)

The apport crash watcher / handler suite contains a cron job that cleanes the world writeable /var/crash directory unsafely, allowing local attackers to remove random files on the system. CVE-2009-1295 This update fixes this. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive te...

1.9CVSS5.4AI score0.00396EPSS
Exploits1References2
Prion
Prion
added 2009/04/30 8:30 p.m.17 views

Design/Logic Flaw

Apport before 0.108.4 on Ubuntu 8.04 LTS, before 0.119.2 on Ubuntu 8.10, and before 1.0-0ubuntu5.2 on Ubuntu 9.04 does not properly remove files from the application's crash-report directory, which allows local users to delete arbitrary files via unspecified vectors...

1.9CVSS6.8AI score0.00396EPSS
Exploits1References8Affected Software2
UbuntuCve
UbuntuCve
added 2009/04/30 8:30 p.m.29 views

CVE-2009-1295

Apport before 0.108.4 on Ubuntu 8.04 LTS, before 0.119.2 on Ubuntu 8.10, and before 1.0-0ubuntu5.2 on Ubuntu 9.04 does not properly remove files from the application's crash-report directory, which allows local users to delete arbitrary files via unspecified vectors...

1.9CVSS6AI score0.00396EPSS
Exploits1References2
NVD
NVD
added 2009/04/30 8:30 p.m.19 views

CVE-2009-1295

Apport before 0.108.4 on Ubuntu 8.04 LTS, before 0.119.2 on Ubuntu 8.10, and before 1.0-0ubuntu5.2 on Ubuntu 9.04 does not properly remove files from the application's crash-report directory, which allows local users to delete arbitrary files via unspecified vectors...

1.9CVSS6.3AI score0.00396EPSS
Exploits1References8
CVE
CVE
added 2009/04/30 8:0 p.m.66 views

CVE-2009-1295

CVE-2009-1295 affects Apport crash reporter in Ubuntu 8.04/8.10/9.04 where the crash-report directory is not cleaned properly, allowing local users to delete arbitrary files via unspecified vectors. The issue is confirmed by multiple connected sources: Ubuntu USN-768-1 notes the affected Ubuntu r...

1.9CVSS6.3AI score0.00396EPSS
Exploits1References8Affected Software2
Cvelist
Cvelist
added 2009/04/30 8:0 p.m.22 views

CVE-2009-1295

Apport before 0.108.4 on Ubuntu 8.04 LTS, before 0.119.2 on Ubuntu 8.10, and before 1.0-0ubuntu5.2 on Ubuntu 9.04 does not properly remove files from the application's crash-report directory, which allows local users to delete arbitrary files via unspecified vectors...

6.2AI score0.00396EPSS
Exploits1References8
seebug.org
seebug.org
added 2009/04/30 12:0 a.m.19 views

Ubuntu Apport本地任意文件删除漏洞

BUGTRAQ ID: 34776 Ubuntu是一款流行的Linux发行版本。 Ubuntu Apport不安全方式删除崩溃报告文件,本地攻击者可以利用漏洞删除任意文件,进行拒绝服务攻击。 目前没有详细漏洞细节提供。 Ubuntu Ubuntu Linux 9.04 sparc Ubuntu Ubuntu Linux 9.04 powerpc Ubuntu Ubuntu Linux 9.04 lpia Ubuntu Ubuntu Linux 9.04 i386 Ubuntu Ubuntu Linux 9.04 amd64 Ubuntu Ubuntu Linux 8.10 sparc...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/04/30 12:0 a.m.22 views

Ubuntu 8.04 LTS / 8.10 / 9.04 : Apport vulnerability (USN-768-1)

Stephane Chazelas discovered that Apport did not safely remove files from its crash report directory. If Apport had been enabled at some point, a local attacker could remove arbitrary files from the system. Note that Tenable Network Security has extracted the preceding description block directly...

1.9CVSS5.6AI score0.00396EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2009/04/29 10:0 p.m.49 views

USN-768-1: Apport vulnerability

Stephane Chazelas discovered that Apport did not safely remove files from its crash report directory. If Apport had been enabled at some point, a local attacker could remove arbitrary files from the system...

1.9CVSS5.4AI score0.00396EPSS
Exploits1
Rows per page
Query Builder