This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Canonical First view 2009-09-10
Product Ubuntu Linux Last view 2020-02-19
Version 10.04 Type Os
Update *  
Edition *  
Language *  
Sofware Edition lts  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:canonical:ubuntu_linux

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.8 2020-02-19 CVE-2012-0055

OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions.

7.8 2020-01-02 CVE-2013-4532

Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.

7.5 2019-12-31 CVE-2013-4357

The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service.

4.4 2019-12-26 CVE-2012-2736

In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network.

5.5 2019-11-20 CVE-2015-1607

kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service (invalid read operation) via a crafted keyring file, related to sign extensions and "memcpy with overlapping ranges."

7.8 2016-12-16 CVE-2016-9950

An issue was discovered in Apport before 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package specific hook files in the /usr/share/apport/package-hooks/ directory. An attacker can exploit this path traversal to execute arbitrary Python files from the local system.

7.8 2016-12-16 CVE-2016-9949

An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code.

7.8 2016-11-27 CVE-2015-1328

The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.

4.3 2015-04-13 CVE-2015-0840

The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x before 1.17.25 allows remote attackers to bypass signature verification via a crafted Debian source control file (.dsc).

10 2015-04-10 CVE-2015-2806

Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors.

6.4 2015-04-08 CVE-2015-1473

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service (segmentation violation) or overwrite memory locations beyond the stack boundary via a long line containing wide characters that are improperly handled in a wscanf call.

7.5 2015-04-08 CVE-2015-1472

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call.

7.5 2015-03-30 CVE-2015-2301

Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file.

4.3 2015-03-25 CVE-2015-2317

The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a control character in a URL, as demonstrated by a \x08javascript: URL.

5 2015-03-25 CVE-2015-2316

The utils.html.strip_tags function in Django 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1, when using certain versions of Python, allows remote attackers to cause a denial of service (infinite loop) by increasing the length of the input string.

8.5 2015-03-20 CVE-2015-1803

The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a crafted BDF font file.

5 2015-03-07 CVE-2015-0228

The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function.

4.6 2015-02-24 CVE-2015-1572

Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as dirty. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0247.

5 2015-02-24 CVE-2013-7423

The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function.

4.6 2015-02-17 CVE-2015-0247

Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group descriptor data in a filesystem image.

5 2015-02-08 CVE-2014-9675

bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.

7.5 2015-02-08 CVE-2014-9674

The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.

6.8 2015-02-08 CVE-2014-9673

Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.

5.8 2015-02-08 CVE-2014-9672

Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file.

4.3 2015-02-08 CVE-2014-9671

Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented.

CWE : Common Weakness Enumeration

%idName
32% (27) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
14% (12) CWE-20 Improper Input Validation
9% (8) CWE-264 Permissions, Privileges, and Access Controls
9% (8) CWE-189 Numeric Errors
4% (4) CWE-399 Resource Management Errors
3% (3) CWE-476 NULL Pointer Dereference
3% (3) CWE-125 Out-of-bounds Read
3% (3) CWE-59 Improper Link Resolution Before File Access ('Link Following')
3% (3) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
2% (2) CWE-200 Information Exposure
2% (2) CWE-94 Failure to Control Generation of Code ('Code Injection')
1% (1) CWE-362 Race Condition
1% (1) CWE-310 Cryptographic Issues
1% (1) CWE-306 Missing Authentication for Critical Function
1% (1) CWE-284 Access Control (Authorization) Issues
1% (1) CWE-255 Credentials Management
1% (1) CWE-191 Integer Underflow (Wrap or Wraparound)
1% (1) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
1% (1) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (1) CWE-17 Code

SAINT Exploits

Description Link
Ubuntu overlayfs privilege elevation More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
77832 Parallels Plesk Panel Billing System TLS Renegotiation Handshakes MiTM Plaint...
75622 Blue Coat Director TLS Renegotiation Handshakes MiTM Plaintext Data Injection
74557 ISC DHCP Crafted BOOTP Packet Remote DoS
74556 ISC DHCP Crafted DHCP Packet Remote DoS
74335 Hitachi Web Server TLS Renegotiation Handshakes MiTM Plaintext Data Injection
73686 libcurl http_negotiate.c Curl_input_negotiate Function GSSAPI Credential Dele...
73328 cURL GSSAPI Client Credential Remote Disclosure
73259 Eucalyptus SOAP Request Signed Element MiTM Arbitrary Command Execution
71961 Oracle Fusion Middleware Oracle WebLogic Server TLS Renegotiation Handshakes ...
71951 Oracle Multiple Products Oracle Security Service TLS Renegotiation Handshakes...
71493 ISC DHCP dhclient Response Handling Metacharacter Shell Command Execution
70715 OpenOffice.org (OOo) oowriter WW8DopTypography::ReadFromMem Function Crafted ...
70712 OpenOffice.org (OOo) oowriter RTF Document Malformed Table Use-after-free Ove...
70711 OpenOffice.org (OOo) Multiple File Type Traversal Arbitrary File Overwrite
70620 mGuard TLS Renegotiation Handshakes MiTM Plaintext Data Injection
70055 Oracle Supply Chain Transportation Management TLS Renegotiation Handshakes Mi...
69561 IBM WebSphere MQ Internet Pass-Thru TLS Renegotiation Handshake MiTM Plaintex...
69205 libxml2 Crafted XML File XPath Axis Traversal DoS
69032 Oracle Java SE / Java for Business TLS Renegotiation Handshake MiTM Plaintext...
68289 Linux Kernel fs/jfs/xattr.c Extended Attribute Storage Legacy Format xattr Na...
68163 Linux Kernel net/rose/af_rose.c Multiple Function Signedness Error Local DoS
67897 Linux Kernel drivers/net/niu.c niu_get_ethtool_tcam_all() Function Crafted ET...
67896 Linux Kernel L2TP drivers/net/pppol2tp.c pppol2tp_xmit Function Routing Chang...
67029 HP Threat Management Services zl Module TLS Renegotiation Handshakes MiTM Pla...
66315 HP Insight Manager TLS Renegotiation Handshakes MiTM Plaintext Data Injection

ExploitDB Exploits

id Description
35359 tcpdump 4.6.2 Geonet Decoder Denial of Service
27778 Samba nttrans Reply - Integer Overflow Vulnerability
10579 TLS Renegotiation Vulnerability PoC Exploit

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-09-18 Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)
File : nvt/deb_2581_1.nasl
2012-11-26 Name : Fedora Update for insight FEDORA-2012-18300
File : nvt/gb_fedora_2012_18300_insight_fc16.nasl
2012-11-26 Name : Fedora Update for insight FEDORA-2012-18311
File : nvt/gb_fedora_2012_18311_insight_fc17.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln02_nov12_win.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln03_nov12_win.nasl
2012-11-15 Name : CentOS Update for mysql CESA-2012:1462 centos6
File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl
2012-11-15 Name : RedHat Update for mysql RHSA-2012:1462-01
File : nvt/gb_RHSA-2012_1462-01_mysql.nasl
2012-11-06 Name : Ubuntu Update for mysql-5.5 USN-1621-1
File : nvt/gb_ubuntu_USN_1621_1.nasl
2012-10-23 Name : Fedora Update for dhcp FEDORA-2012-15965
File : nvt/gb_fedora_2012_15965_dhcp_fc17.nasl
2012-10-23 Name : Fedora Update for dhcp FEDORA-2012-15981
File : nvt/gb_fedora_2012_15981_dhcp_fc16.nasl
2012-10-03 Name : Fedora Update for dhcp FEDORA-2012-14076
File : nvt/gb_fedora_2012_14076_dhcp_fc16.nasl
2012-10-03 Name : Mandriva Update for dhcp MDVSA-2012:153-1 (dhcp)
File : nvt/gb_mandriva_MDVSA_2012_153_1.nasl
2012-09-27 Name : Fedora Update for dhcp FEDORA-2012-14149
File : nvt/gb_fedora_2012_14149_dhcp_fc17.nasl
2012-09-26 Name : Debian Security Advisory DSA 2551-1 (isc-dhcp)
File : nvt/deb_2551_1.nasl
2012-09-26 Name : Gentoo Security Advisory GLSA 201209-02 (tiff)
File : nvt/glsa_201209_02.nasl
2012-09-22 Name : Ubuntu Update for isc-dhcp USN-1571-1
File : nvt/gb_ubuntu_USN_1571_1.nasl
2012-09-15 Name : Slackware Advisory SSA:2012-258-01 dhcp
File : nvt/esoft_slk_ssa_2012_258_01.nasl
2012-08-30 Name : Fedora Update for puppet FEDORA-2012-10891
File : nvt/gb_fedora_2012_10891_puppet_fc17.nasl
2012-08-10 Name : Debian Security Advisory DSA 2511-1 (puppet)
File : nvt/deb_2511_1.nasl
2012-08-10 Name : FreeBSD Ports: puppet
File : nvt/freebsd_puppet0.nasl
2012-08-10 Name : Gentoo Security Advisory GLSA 201206-18 (GnuTLS)
File : nvt/glsa_201206_18.nasl
2012-07-30 Name : CentOS Update for openoffice.org CESA-2011:0181 centos4 x86_64
File : nvt/gb_CESA-2011_0181_openoffice.org_centos4_x86_64.nasl
2012-07-30 Name : CentOS Update for openoffice.org-base CESA-2011:0182 centos5 x86_64
File : nvt/gb_CESA-2011_0182_openoffice.org-base_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for dhclient CESA-2011:0428 centos4 x86_64
File : nvt/gb_CESA-2011_0428_dhclient_centos4_x86_64.nasl
2012-07-30 Name : CentOS Update for dhclient CESA-2011:0428 centos5 x86_64
File : nvt/gb_CESA-2011_0428_dhclient_centos5_x86_64.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0199 Multiple Vulnerabilities in Apple Mac OS X
Severity: Category I - VMSKEY: V0061337
2015-A-0174 Multiple Vulnerabilities in Apache HTTP Server
Severity: Category I - VMSKEY: V0061135
2015-A-0160 Multiple Vulnerabilities in Oracle Linux and Virtualization
Severity: Category I - VMSKEY: V0061123
2015-A-0038 Multiple Vulnerabilities in GNU C Library (glibc)
Severity: Category I - VMSKEY: V0058753
2015-B-0013 Multiple Vulnerabilities in VMware ESXi 5.1
Severity: Category I - VMSKEY: V0058515
2015-B-0014 Multiple Vulnerabilities in VMware ESXi 5.5
Severity: Category I - VMSKEY: V0058513
2015-B-0007 Multiple Vulnerabilities in Juniper Secure Analytics (JSA) and Security Threa...
Severity: Category I - VMSKEY: V0058213
2014-A-0056 Multiple Vulnerabilities in Oracle Java SE
Severity: Category I - VMSKEY: V0049583
2014-B-0021 Multiple Vulnerabilities in PHP
Severity: Category I - VMSKEY: V0044541
2014-A-0011 Multiple Vulnerabilities in Oracle MySQL Products
Severity: Category I - VMSKEY: V0043399
2013-B-0082 Samba Denial of Service Vulnerability
Severity: Category I - VMSKEY: V0039910
2012-A-0153 Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0
Severity: Category I - VMSKEY: V0033884
2012-B-0092 ISC DHCP Denial of Service Vulnerability
Severity: Category I - VMSKEY: V0033809
2012-B-0048 Multiple Vulnerabilities in HP Systems Insight Manager
Severity: Category I - VMSKEY: V0032178
2012-A-0073 Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity: Category I - VMSKEY: V0032171
2012-B-0038 Multiple Vulnerabilities in HP Onboard Administrator
Severity: Category I - VMSKEY: V0031972
2012-A-0020 Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1
Severity: Category I - VMSKEY: V0031252
2011-A-0108 Multiple Vulnerabilities in VMware ESX Service Console
Severity: Category I - VMSKEY: V0029562
2011-A-0066 Multiple Vulnerabilities in VMware Products
Severity: Category I - VMSKEY: V0027158

Snort® IPS/IDS

Date Description
2019-08-31 ISC DHCP command injection attempt
RuleID : 50831 - Type : SERVER-OTHER - Revision : 1
2019-08-31 ISC DHCP command injection attempt
RuleID : 50830 - Type : SERVER-OTHER - Revision : 1
2017-01-19 Ubuntu Apport CrashDB crash report code injection attempt
RuleID : 41041 - Type : OS-LINUX - Revision : 2
2017-01-19 Ubuntu Apport CrashDB crash report code injection attempt
RuleID : 41040 - Type : OS-LINUX - Revision : 2
2016-03-14 Oracle Java System.arraycopy race condition attempt
RuleID : 36240 - Type : FILE-JAVA - Revision : 2
2016-03-14 Oracle Java System.arraycopy race condition attempt
RuleID : 36239 - Type : FILE-JAVA - Revision : 2
2014-01-10 ISC dhcpd bootp request missing options field DOS attempt
RuleID : 25342 - Type : SERVER-OTHER - Revision : 8
2014-01-10 OpenOffice.org Microsoft Office Word file processing integer underflow attempt
RuleID : 18536 - Type : FILE-OFFICE - Revision : 15

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-04-03 Name: The remote web server may allow remote code execution.
File: iis_7_pci.nasl - Type: ACT_GATHER_INFO
2018-03-09 Name: The remote web server is affected by multiple vulnerabilities.
File: nginx_0_7_64.nasl - Type: ACT_GATHER_INFO
2017-11-27 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-1298.nasl - Type: ACT_GATHER_INFO
2017-11-27 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-3048-1.nasl - Type: ACT_GATHER_INFO
2017-11-17 Name: The remote host is affected by a MITM vulnerability.
File: fortios_FG-IR-17-137.nasl - Type: ACT_GATHER_INFO
2017-09-08 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1171.nasl - Type: ACT_GATHER_INFO
2017-09-08 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1172.nasl - Type: ACT_GATHER_INFO
2017-08-25 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2017-1860.nasl - Type: ACT_GATHER_INFO
2017-08-22 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20170801_libtasn1_on_SL7_x.nasl - Type: ACT_GATHER_INFO
2017-08-09 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-1860.nasl - Type: ACT_GATHER_INFO
2017-08-03 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-1860.nasl - Type: ACT_GATHER_INFO
2017-07-27 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-3367-1.nasl - Type: ACT_GATHER_INFO
2017-05-09 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-557.nasl - Type: ACT_GATHER_INFO
2017-05-01 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2016-1038.nasl - Type: ACT_GATHER_INFO
2017-05-01 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2016-1039.nasl - Type: ACT_GATHER_INFO
2017-04-27 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-1110-1.nasl - Type: ACT_GATHER_INFO
2017-04-03 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2017-0057.nasl - Type: ACT_GATHER_INFO
2017-02-28 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL16347.nasl - Type: ACT_GATHER_INFO
2017-01-20 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201701-47.nasl - Type: ACT_GATHER_INFO
2017-01-16 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201701-36.nasl - Type: ACT_GATHER_INFO
2017-01-03 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201701-06.nasl - Type: ACT_GATHER_INFO
2016-12-15 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-3157-1.nasl - Type: ACT_GATHER_INFO
2016-12-08 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201612-24.nasl - Type: ACT_GATHER_INFO
2016-11-02 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201611-01.nasl - Type: ACT_GATHER_INFO
2016-08-29 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-1638-1.nasl - Type: ACT_GATHER_INFO