This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Canonical First view 2011-02-23
Product Ubuntu Linux Last view 2020-02-20
Version 11.04 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:canonical:ubuntu_linux

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
5.5 2020-02-20 CVE-2011-2498

The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.

4.4 2019-12-26 CVE-2012-2736

In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network.

7.8 2016-12-16 CVE-2016-9950

An issue was discovered in Apport before 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package specific hook files in the /usr/share/apport/package-hooks/ directory. An attacker can exploit this path traversal to execute arbitrary Python files from the local system.

7.8 2016-12-16 CVE-2016-9949

An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code.

7.8 2016-11-27 CVE-2015-1328

The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.

2.1 2014-05-22 CVE-2012-6648

gdm/guest-session-cleanup.sh in gdm-guest-session 0.24 and earlier, as used in Ubuntu Linux 10.04 LTS, 10.10, and 11.04, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT from CVE-2012-0943 per ADT1/ADT2 due to different codebases and affected versions. CVE-2012-0943 is used for the guest-account issue.

10 2014-05-21 CVE-2012-1166

The default keybindings for wwm in LTSP Display Manager (ldm) 2.2.x before 2.2.7 allow remote attackers to execute arbitrary commands via the KP_RETURN keybinding, which launches a terminal window.

4.3 2014-05-13 CVE-2011-4407

ppa.py in Software Properties before 0.81.13.3 does not validate the server certificate when downloading PPA GPG key fingerprints, which allows man-in-the-middle (MITM) attackers to spoof GPG keys for a package repository.

6.4 2014-04-27 CVE-2011-3152

DistUpgrade/DistUpgradeFetcherCore.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 on Ubuntu 8.04 through 11.10 does not verify the GPG signature before extracting an upgrade tarball, which allows man-in-the-middle attackers to (1) create or overwrite arbitrary files via a directory traversal attack using a crafted tar file, or (2) bypass authentication via a crafted meta-release file.

1.9 2014-04-17 CVE-2011-3154

DistUpgrade/DistUpgradeViewKDE.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 does not properly create temporary files, which allows local users to obtain the XAUTHORITY file content for a user via a symlink attack on the temporary file.

6.9 2014-04-15 CVE-2011-3628

Untrusted search path vulnerability in pam_motd (aka the MOTD module) in libpam-modules before 1.1.3-2ubuntu2.1 on Ubuntu 11.10, before 1.1.2-2ubuntu8.4 on Ubuntu 11.04, before 1.1.1-4ubuntu2.4 on Ubuntu 10.10, before 1.1.1-2ubuntu5.4 on Ubuntu 10.04 LTS, and before 0.99.7.1-5ubuntu6.5 on Ubuntu 8.04 LTS, when using certain configurations such as "session optional pam_motd.so", allows local users to gain privileges by modifying the PATH environment variable to reference a malicious command, as demonstrated via uname.

2.6 2014-02-28 CVE-2011-3634

methods/https.cc in apt before 0.8.11 accepts connections when the certificate host name fails validation and Verify-Host is enabled, which allows man-in-the-middle attackers to obtain repository credentials via unspecified vectors.

6.8 2014-02-10 CVE-2012-3406

The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405.

5 2014-02-10 CVE-2012-3405

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (segmentation fault and crash) via a format string with a large number of format specifiers that triggers "desynchronization within the buffer size handling," a different vulnerability than CVE-2012-3404.

5 2014-02-10 CVE-2012-3404

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (stack corruption and crash) via a format string that uses positional parameters and many format specifiers.

4.6 2014-02-05 CVE-2011-4613

The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY.

4.3 2014-02-05 CVE-2011-3377

The web browser plug-in in IcedTea-Web 1.0.x before 1.0.6 and 1.1.x before 1.1.4 allows remote attackers to bypass the Same Origin Policy (SOP) and execute arbitrary script or establish network connections to unintended hosts via an applet whose origin has the same second-level domain, but a different sub-domain than the targeted domain.

6.8 2014-02-04 CVE-2011-2725

Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file.

2.1 2013-05-13 CVE-2013-1940

X.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly restrict access to input events when adding a new hot-plug device, which might allow physically proximate attackers to obtain sensitive information, as demonstrated by reading passwords from a tty.

7.2 2012-11-23 CVE-2012-3515

Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."

6.4 2012-10-29 CVE-2012-4196

Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats certain protection mechanisms for this object.

4.3 2012-10-29 CVE-2012-4195

The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior.

4.3 2012-10-29 CVE-2012-4194

Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.

6.8 2012-10-12 CVE-2012-4193

Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same Origin Policy and read the properties of a Location object, or execute arbitrary JavaScript code, via a crafted web site.

9.3 2012-10-10 CVE-2012-4188

Heap-based buffer overflow in the Convolve3x3 function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.

CWE : Common Weakness Enumeration

%idName
16% (11) CWE-20 Improper Input Validation
13% (9) CWE-264 Permissions, Privileges, and Access Controls
10% (7) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
9% (6) CWE-416 Use After Free
7% (5) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
4% (3) CWE-200 Information Exposure
4% (3) CWE-125 Out-of-bounds Read
4% (3) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
3% (2) CWE-310 Cryptographic Issues
3% (2) CWE-190 Integer Overflow or Wraparound
3% (2) CWE-189 Numeric Errors
1% (1) CWE-787 Out-of-bounds Write
1% (1) CWE-772 Missing Release of Resource after Effective Lifetime
1% (1) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
1% (1) CWE-399 Resource Management Errors
1% (1) CWE-346 Origin Validation Error
1% (1) CWE-306 Missing Authentication for Critical Function
1% (1) CWE-287 Improper Authentication
1% (1) CWE-255 Credentials Management
1% (1) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
1% (1) CWE-94 Failure to Control Generation of Code ('Code Injection')
1% (1) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...
1% (1) CWE-74 Failure to Sanitize Data into a Different Plane ('Injection')
1% (1) CWE-59 Improper Link Resolution Before File Access ('Link Following')

SAINT Exploits

Description Link
Ubuntu overlayfs privilege elevation More info here

Open Source Vulnerability Database (OSVDB)

id Description
77642 Update Manager Tar File Handling MitM Remote Arbitrary File Overwrite
77641 Update Manager Insecure Temporary File Creation Local .XAUTHORITY File Discl...
77584 ISC DHCP Regular Expressions dhcpd.conf DHCP Request Packet Parsing Remote DoS
77451 apt Verify-Host Option SSL Certificate Validation MitM Remote Repository Cred...
77430 Ubuntu Software Center SSL Certificate Verification MitM Package Installation...
77214 system-config-printer cupshelper OpenPrinting Database Query MitM Package Ins...
76940 icedtea-web Web Browser Plugin Applet Handling Same Origin Policy Bypass
76805 Linux Kernel net/core/net_namespace.c Network Namespace Cleanup Weakness Remo...
75652 Qt src/3rdparty/harfbuzz/src/harfbuzz-gpos.c Font Handling Overflow
74675 Linux Kernel OOM Score Calculation PTE Page Handling DoS
74557 ISC DHCP Crafted BOOTP Packet Remote DoS
74556 ISC DHCP Crafted DHCP Packet Remote DoS
74180 KDE kdeutils Ark Traversal Arbitrary File Deletion
73984 libpng png_rgb_to_gray Function PNG File Handling Overflow
73982 libpng pngrutil.c png_handle_sCAL Function PNG File Handling Memory Corruptio...
73686 libcurl http_negotiate.c Curl_input_negotiate Function GSSAPI Credential Dele...
73493 libpng pngerror.c png_format_buffer() Off-by-one PNG Image Handling Remote DoS
73328 cURL GSSAPI Client Credential Remote Disclosure
73259 Eucalyptus SOAP Request Signed Element MiTM Arbitrary Command Execution
72542 Aptdaemon worker.py org.debian.apt.UpdateCachePartially Method sources_list A...

ExploitDB Exploits

id Description
18040 Xorg 1.4 to 1.11.2 File Permission Change PoC

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-09-18 Name : Debian Security Advisory DSA 2427-1 (imagemagick - several vulnerabilities)
File : nvt/deb_2427_1.nasl
2013-09-18 Name : Debian Security Advisory DSA 2462-2 (imagemagick - several vulnerabilities)
File : nvt/deb_2462_2.nasl
2012-12-27 Name : VMSA-2012-0018: VMware security updates for vCSA and ESXi
File : nvt/gb_VMSA-2012-0018.nasl
2012-12-18 Name : Fedora Update for xen FEDORA-2012-19828
File : nvt/gb_fedora_2012_19828_xen_fc16.nasl
2012-12-18 Name : Ubuntu Update for glibc USN-1589-2
File : nvt/gb_ubuntu_USN_1589_2.nasl
2012-12-14 Name : Fedora Update for xen FEDORA-2012-19717
File : nvt/gb_fedora_2012_19717_xen_fc17.nasl
2012-12-13 Name : SuSE Update for qemu openSUSE-SU-2012:1170-1 (qemu)
File : nvt/gb_suse_2012_1170_1.nasl
2012-12-13 Name : SuSE Update for Security openSUSE-SU-2012:1172-1 (Security)
File : nvt/gb_suse_2012_1172_1.nasl
2012-12-13 Name : SuSE Update for Security openSUSE-SU-2012:1174-1 (Security)
File : nvt/gb_suse_2012_1174_1.nasl
2012-12-13 Name : SuSE Update for MozillaFirefox openSUSE-SU-2012:1345-1 (MozillaFirefox)
File : nvt/gb_suse_2012_1345_1.nasl
2012-12-13 Name : SuSE Update for Mozilla Suite openSUSE-SU-2012:1412-1 (Mozilla Suite)
File : nvt/gb_suse_2012_1412_1.nasl
2012-12-13 Name : SuSE Update for XEN openSUSE-SU-2012:1572-1 (XEN)
File : nvt/gb_suse_2012_1572_1.nasl
2012-11-23 Name : Fedora Update for xen FEDORA-2012-18242
File : nvt/gb_fedora_2012_18242_xen_fc17.nasl
2012-11-23 Name : Fedora Update for xen FEDORA-2012-18249
File : nvt/gb_fedora_2012_18249_xen_fc16.nasl
2012-11-16 Name : Debian Security Advisory DSA 2569-1 (icedove)
File : nvt/deb_2569_1.nasl
2012-11-16 Name : Debian Security Advisory DSA 2572-1 (iceape)
File : nvt/deb_2572_1.nasl
2012-11-15 Name : Fedora Update for xen FEDORA-2012-17204
File : nvt/gb_fedora_2012_17204_xen_fc17.nasl
2012-11-15 Name : Fedora Update for xen FEDORA-2012-17408
File : nvt/gb_fedora_2012_17408_xen_fc16.nasl
2012-11-02 Name : CentOS Update for thunderbird CESA-2012:1413 centos5
File : nvt/gb_CESA-2012_1413_thunderbird_centos5.nasl
2012-11-02 Name : CentOS Update for thunderbird CESA-2012:1413 centos6
File : nvt/gb_CESA-2012_1413_thunderbird_centos6.nasl
2012-11-02 Name : RedHat Update for thunderbird RHSA-2012:1413-01
File : nvt/gb_RHSA-2012_1413-01_thunderbird.nasl
2012-11-02 Name : Mozilla Firefox Multiple Vulnerabilities - November12 (Mac OS X)
File : nvt/gb_mozilla_prdts_mult_vuln_nov12_macosx.nasl
2012-11-02 Name : Mozilla Firefox Multiple Vulnerabilities - November12 (Windows)
File : nvt/gb_mozilla_prdts_mult_vuln_nov12_win.nasl
2012-10-31 Name : Ubuntu Update for thunderbird USN-1620-2
File : nvt/gb_ubuntu_USN_1620_2.nasl
2012-10-29 Name : Debian Security Advisory DSA 2565-1 (iceweasel)
File : nvt/deb_2565_1.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0038 Multiple Vulnerabilities in GNU C Library (glibc)
Severity: Category I - VMSKEY: V0058753
2012-B-0092 ISC DHCP Denial of Service Vulnerability
Severity: Category I - VMSKEY: V0033809
2012-A-0020 Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1
Severity: Category I - VMSKEY: V0031252

Snort® IPS/IDS

Date Description
2017-01-19 Ubuntu Apport CrashDB crash report code injection attempt
RuleID : 41041 - Type : OS-LINUX - Revision : 2
2017-01-19 Ubuntu Apport CrashDB crash report code injection attempt
RuleID : 41040 - Type : OS-LINUX - Revision : 2
2014-03-06 WAV processing buffer overflow attempt
RuleID : 29546 - Type : FILE-MULTIMEDIA - Revision : 4
2014-03-06 WAV processing buffer overflow attempt
RuleID : 29545 - Type : FILE-MULTIMEDIA - Revision : 4
2014-03-06 WAV processing buffer overflow attempt
RuleID : 29544 - Type : FILE-MULTIMEDIA - Revision : 4
2014-03-06 WAV processing buffer overflow attempt
RuleID : 29543 - Type : FILE-MULTIMEDIA - Revision : 4
2014-03-06 WAV processing buffer overflow attempt
RuleID : 29542 - Type : FILE-MULTIMEDIA - Revision : 3
2014-03-06 WAV processing buffer overflow attempt
RuleID : 29541 - Type : FILE-MULTIMEDIA - Revision : 3
2014-03-06 WAV processing buffer overflow attempt
RuleID : 29540 - Type : FILE-MULTIMEDIA - Revision : 3
2014-03-06 WAV processing buffer overflow attempt
RuleID : 29539 - Type : FILE-MULTIMEDIA - Revision : 3
2014-01-10 ImageMagick EXIF resolutionunit handling memory corruption attempt
RuleID : 25351 - Type : FILE-IMAGE - Revision : 2
2014-01-10 ImageMagick EXIF resolutionunit handling memory corruption attempt
RuleID : 25350 - Type : FILE-IMAGE - Revision : 2
2014-01-10 ImageMagick EXIF resolutionunit handling memory corruption attempt
RuleID : 25349 - Type : FILE-IMAGE - Revision : 2
2014-01-10 ImageMagick EXIF resolutionunit handling memory corruption attempt
RuleID : 25348 - Type : FILE-IMAGE - Revision : 9
2014-01-10 ImageMagick EXIF resolutionunit handling memory corruption attempt
RuleID : 25347 - Type : FILE-IMAGE - Revision : 8
2014-01-10 ImageMagick EXIF resolutionunit handling memory corruption attempt
RuleID : 25346 - Type : FILE-IMAGE - Revision : 9
2014-01-10 ISC dhcpd bootp request missing options field DOS attempt
RuleID : 25342 - Type : SERVER-OTHER - Revision : 8

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2016-12-15 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-3157-1.nasl - Type: ACT_GATHER_INFO
2016-06-22 Name: The remote OracleVM host is missing a security update.
File: oraclevm_OVMSA-2016-0056.nasl - Type: ACT_GATHER_INFO
2016-06-22 Name: The remote OracleVM host is missing a security update.
File: oraclevm_OVMSA-2016-0058.nasl - Type: ACT_GATHER_INFO
2016-04-07 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201604-03.nasl - Type: ACT_GATHER_INFO
2016-03-03 Name: The remote VMware ESXi / ESX host is missing a security-related patch.
File: vmware_VMSA-2012-0001_remote.nasl - Type: ACT_GATHER_INFO
2016-01-06 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL13405416.nasl - Type: ACT_GATHER_INFO
2015-06-22 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2640-2.nasl - Type: ACT_GATHER_INFO
2015-06-22 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2642-2.nasl - Type: ACT_GATHER_INFO
2015-06-22 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2643-2.nasl - Type: ACT_GATHER_INFO
2015-06-22 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2644-2.nasl - Type: ACT_GATHER_INFO
2015-06-22 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2646-2.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2640-1.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2642-1.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2643-1.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2644-1.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2645-1.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2646-1.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2647-1.nasl - Type: ACT_GATHER_INFO
2015-06-12 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2015-0068.nasl - Type: ACT_GATHER_INFO
2015-05-20 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2012-1351-1.nasl - Type: ACT_GATHER_INFO
2015-05-20 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2012-1488-1.nasl - Type: ACT_GATHER_INFO
2015-05-20 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2013-0857-1.nasl - Type: ACT_GATHER_INFO
2015-05-20 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2013-1251-1.nasl - Type: ACT_GATHER_INFO
2015-04-06 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL16364.nasl - Type: ACT_GATHER_INFO
2015-03-30 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2015-168.nasl - Type: ACT_GATHER_INFO