Ubuntu: Security Advisory (USN-1446-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security feature bypass

OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions...

CVE-2012-0055

OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions...

escon supportportal pro 3.0 - Stored XSS

No description provided by source. !/usr/bin/python ''' Author: loneferret of Offensive Security Product: ESCON SupportPortal Pro Version: 3.0 Vendor Site: http://www.e-supportportal.com Software Download: http://www.e-supportportal.com/download.html Timeline: 29 May 2012: Vulnerability reported ...

Acpid 1:2.0.10-1ubuntu2 Privilege Boundary Crossing Vulnerability

No description provided by source. Exploit Title: Acpid Privilege Boundary Crossing Vulnerability Google Dork: Date: 23-11-2011 Author: otr Software Link: https://launchpad.net/ubuntu/+source/acpid Version: 1:2.0.10-1ubuntu2 Tested on: Ubuntu 11.10, Ubuntu 11.04 CVE : CVE-2011-2777 -- Safeguard...

CVE-2013-0345

varnish 3.0.3 uses world-readable permissions for the /var/log/varnish/ directory and the log files in the directory, which allows local users to obtain sensitive information by reading the files. NOTE: some of these details are obtained from third party information...

Directory traversal

DistUpgrade/DistUpgradeFetcherCore.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 on Ubuntu 8.04 through 11.10 does not verify the GPG signature before extracting an upgrade...

CVE-2011-3152

DistUpgrade/DistUpgradeFetcherCore.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 on Ubuntu 8.04 through 11.10 does not verify the GPG signature before extracting an upgrade...

CVE-2011-3628

Untrusted search path vulnerability in pammotd aka the MOTD module in libpam-modules before 1.1.3-2ubuntu2.1 on Ubuntu 11.10, before 1.1.2-2ubuntu8.4 on Ubuntu 11.04, before 1.1.1-4ubuntu2.4 on Ubuntu 10.10, before 1.1.1-2ubuntu5.4 on Ubuntu 10.04 LTS, and before 0.99.7.1-5ubuntu6.5 on Ubuntu 8.0...

Ubuntu: Security Advisory (USN-1804-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for icedtea-web USN-1804-1

Check for the Version of icedtea-web OpenVAS Vulnerability Test $Id: gbubuntuUSN18041.nasl 8448 2018-01-17 16:18:06Z teissa $ Ubuntu Update for icedtea-web USN-1804-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free...

Ubuntu Update for haproxy USN-1800-1

Check for the Version of haproxy OpenVAS Vulnerability Test $Id: gbubuntuUSN18001.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for haproxy USN-1800-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software...

Ubuntu: Security Advisory (USN-1800-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1803-1: X.Org X server vulnerability

It was discovered that the X.Org X server did not properly clear input events in certain circumstances. A local attacker with physical access could use this flaw to capture keystrokes...

[USN-1789-1] PostgreSQL vulnerabilities

========================================================================== Ubuntu Security Notice USN-1789-1 April 04, 2013 postgresql-8.3, postgresql-8.4, postgresql-9.1 vulnerabilities ========================================================================== A security issue affects these...

Ubuntu Update for postgresql-9.1 USN-1789-1

Check for the Version of postgresql-9.1 OpenVAS Vulnerability Test $Id: gbubuntuUSN17891.nasl 8542 2018-01-26 06:57:28Z teissa $ Ubuntu Update for postgresql-9.1 USN-1789-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program i...

Ubuntu Update for linux USN-1787-1

Check for the Version of linux OpenVAS Vulnerability Test $Id: gbubuntuUSN17871.nasl 8650 2018-02-03 12:16:59Z teissa $ Ubuntu Update for linux USN-1787-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; y...

Ubuntu Update for firefox USN-1786-1

Check for the Version of firefox OpenVAS Vulnerability Test $Id: gbubuntuUSN17861.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for firefox USN-1786-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software...

USN-1787-1: Linux kernel vulnerabilities

Emese Revfy discovered that in the Linux kernel signal handlers could leak address information across an exec, making it possible to by pass ASLR Address Space Layout Randomization. A local user could use this flaw to by pass ASLR to reliably deliver an exploit payload that would otherwise be...

USN-1784-1: libxslt vulnerability

Nicholas Gregoire discovered that libxslt incorrectly handled certain empty values. If a user or automated system were tricked into processing a specially crafted XSLT document, a remote attacker could cause libxslt to crash, causing a denial of service...