This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Canonical First view 2012-05-31
Product Ubuntu Linux Last view 2016-12-16
Version 12.04 Type Os
Update -  
Edition lts  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:canonical:ubuntu_linux

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.8 2016-12-16 CVE-2016-9950

An issue was discovered in Apport before 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package specific hook files in the /usr/share/apport/package-hooks/ directory. An attacker can exploit this path traversal to execute arbitrary Python files from the local system.

7.8 2016-12-16 CVE-2016-9949

An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code.

7.8 2016-11-27 CVE-2015-1328

The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.

7.8 2016-05-23 CVE-2016-4805

Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions.

7.8 2016-02-18 CVE-2016-0794

The lwp filter in LibreOffice before 5.0.4 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LotusWordPro (lwp) document.

2.1 2015-07-16 CVE-2015-2661

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.

7.8 2015-02-24 CVE-2014-9402

The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process.

5 2014-11-14 CVE-2014-7815

The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.

5 2014-11-03 CVE-2014-8080

The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack.

6.8 2014-10-20 CVE-2014-3564

Multiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "different line lengths in a specific order."

6.8 2014-10-15 CVE-2014-3686

wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame.

7.5 2014-09-08 CVE-2014-3618

Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."

6.9 2014-08-19 CVE-2014-5033

KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, related to CVE-2013-4288 and "PID reuse race conditions."

4 2014-08-19 CVE-2014-3528

Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm.

4 2014-08-19 CVE-2014-3522

The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.

4 2014-08-19 CVE-2014-3504

The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_ssl_cert_certificate functions in Serf 0.2.0 through 1.3.x before 1.3.7 does not properly handle a NUL byte in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.

6.8 2014-07-29 CVE-2014-4909

Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.

6.9 2014-07-24 CVE-2014-1419

Race condition in the power policy functions in policy-funcs in acpi-support before 0.142 allows local users to gain privileges via unspecified vectors.

1.2 2014-07-23 CVE-2014-3537

The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.

4.3 2014-05-16 CVE-2014-3730

The django.util.http.is_safe_url function in Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly validate URLs, which allows remote attackers to conduct open redirect attacks via a malformed URL, as demonstrated by "http:\\\djangoproject.com."

6.4 2014-05-16 CVE-2014-1418

Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly include the (1) Vary: Cookie or (2) Cache-Control header in responses, which allows remote attackers to obtain sensitive information or poison the cache via a request from certain browsers.

7.5 2014-05-15 CVE-2014-0211

Multiple integer overflows in the (1) fs_get_reply, (2) fs_alloc_glyphs, and (3) fs_read_extent_info functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow.

7.5 2014-05-15 CVE-2014-0210

Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the (1) _fs_recv_conn_setup, (2) fs_read_open_font, (3) fs_read_query_info, (4) fs_read_extent_info, (5) fs_read_glyphs, (6) fs_read_list, or (7) fs_read_list_info function.

4.6 2014-05-15 CVE-2014-0209

Multiple integer overflows in the (1) FontFileAddEntry and (2) lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the font path, which triggers a heap-based buffer overflow, related to metadata.

4.9 2014-05-08 CVE-2013-4544

hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information.

CWE : Common Weakness Enumeration

%idName
20% (19) CWE-264 Permissions, Privileges, and Access Controls
17% (16) CWE-20 Improper Input Validation
15% (14) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
12% (12) CWE-189 Numeric Errors
7% (7) CWE-399 Resource Management Errors
7% (7) CWE-200 Information Exposure
4% (4) CWE-362 Race Condition
4% (4) CWE-310 Cryptographic Issues
3% (3) CWE-94 Failure to Control Generation of Code ('Code Injection')
2% (2) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
1% (1) CWE-416 Use After Free
1% (1) CWE-297 Improper Validation of Host-specific Certificate Data
1% (1) CWE-284 Access Control (Authorization) Issues
1% (1) CWE-255 Credentials Management
1% (1) CWE-59 Improper Link Resolution Before File Access ('Link Following')

SAINT Exploits

Description Link
Ubuntu overlayfs privilege elevation More info here

ExploitDB Exploits

id Description
28338 Vino VNC Server 3.7.3 - Persistent Denial of Service

OpenVAS Exploits

id Description
2012-12-27 Name : VMSA-2012-0018: VMware security updates for vCSA and ESXi
File : nvt/gb_VMSA-2012-0018.nasl
2012-12-26 Name : Fedora Update for qt FEDORA-2012-19715
File : nvt/gb_fedora_2012_19715_qt_fc16.nasl
2012-12-18 Name : Ubuntu Update for glibc USN-1589-2
File : nvt/gb_ubuntu_USN_1589_2.nasl
2012-12-18 Name : Ubuntu Update for aptdaemon USN-1666-1
File : nvt/gb_ubuntu_USN_1666_1.nasl
2012-12-14 Name : Fedora Update for qt FEDORA-2012-19759
File : nvt/gb_fedora_2012_19759_qt_fc17.nasl
2012-10-03 Name : Ubuntu Update for eglibc USN-1589-1
File : nvt/gb_ubuntu_USN_1589_1.nasl
2012-08-30 Name : Fedora Update for glibc FEDORA-2012-11508
File : nvt/gb_fedora_2012_11508_glibc_fc17.nasl
2012-07-30 Name : CentOS Update for glibc CESA-2012:1097 centos5
File : nvt/gb_CESA-2012_1097_glibc_centos5.nasl
2012-07-30 Name : CentOS Update for glibc CESA-2012:1098 centos6
File : nvt/gb_CESA-2012_1098_glibc_centos6.nasl
2012-07-19 Name : RedHat Update for glibc RHSA-2012:1097-01
File : nvt/gb_RHSA-2012_1097-01_glibc.nasl
2012-07-19 Name : RedHat Update for glibc RHSA-2012:1098-01
File : nvt/gb_RHSA-2012_1098-01_glibc.nasl
2012-06-08 Name : Ubuntu Update for update-manager USN-1443-2
File : nvt/gb_ubuntu_USN_1443_2.nasl
2012-06-08 Name : Ubuntu Update for ubuntuone-client USN-1465-1
File : nvt/gb_ubuntu_USN_1465_1.nasl
2012-06-08 Name : Ubuntu Update for ubuntuone-storage-protocol USN-1465-2
File : nvt/gb_ubuntu_USN_1465_2.nasl
2012-06-08 Name : Ubuntu Update for ubuntuone-client USN-1465-3
File : nvt/gb_ubuntu_USN_1465_3.nasl
2012-05-22 Name : Ubuntu Update for update-manager USN-1443-1
File : nvt/gb_ubuntu_USN_1443_1.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0155 Multiple Vulnerabilities in Oracle MySQL Product Suite
Severity: Category I - VMSKEY: V0061083
2015-A-0038 Multiple Vulnerabilities in GNU C Library (glibc)
Severity: Category I - VMSKEY: V0058753
2014-A-0062 Multiple Vulnerabilities In McAfee Email Gateway
Severity: Category I - VMSKEY: V0050005
2014-A-0030 Apple Mac OS X Security Update 2014-001
Severity: Category I - VMSKEY: V0044547
2014-A-0009 Multiple Vulnerabilities in Oracle Fusion Middleware
Severity: Category I - VMSKEY: V0043395
2013-A-0179 Apple Mac OS X Security Update 2013-004
Severity: Category I - VMSKEY: V0040373
2013-B-0093 Multiple Vulnerabilities in PHP
Severity: Category I - VMSKEY: V0040108
2013-B-0061 Multiple Vulnerabilities in Red Hat Enterprise Linux Version 6 Products
Severity: Category I - VMSKEY: V0038873
2013-B-0035 Multiple Vulnerabilities in PostgreSQL
Severity: Category I - VMSKEY: V0037619

Snort® IPS/IDS

Date Description
2017-01-19 Ubuntu Apport CrashDB crash report code injection attempt
RuleID : 41041 - Type : OS-LINUX - Revision : 2
2017-01-19 Ubuntu Apport CrashDB crash report code injection attempt
RuleID : 41040 - Type : OS-LINUX - Revision : 2
2015-10-01 QEMU VNC set-pixel-format memory corruption attempt
RuleID : 35851 - Type : SERVER-OTHER - Revision : 2
2014-06-28 Vino VNC multiple client authentication denial of service attempt
RuleID : 31082 - Type : SERVER-OTHER - Revision : 4
2014-01-10 PostgreSQL database name command line injection attempt
RuleID : 26586 - Type : SERVER-OTHER - Revision : 4

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-12-18 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL16365.nasl - Type: ACT_GATHER_INFO
2018-11-21 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1374.nasl - Type: ACT_GATHER_INFO
2018-10-26 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1344.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1272.nasl - Type: ACT_GATHER_INFO
2018-05-11 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1017.nasl - Type: ACT_GATHER_INFO
2018-04-27 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-0805.nasl - Type: ACT_GATHER_INFO
2017-12-08 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-3231-1.nasl - Type: ACT_GATHER_INFO
2017-09-25 Name: The remote Debian host is missing a security update.
File: debian_DLA-1107.nasl - Type: ACT_GATHER_INFO
2017-08-08 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1146.nasl - Type: ACT_GATHER_INFO
2017-08-08 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1147.nasl - Type: ACT_GATHER_INFO
2017-05-02 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: oracle_secure_global_desktop_apr_2017_cpu.nasl - Type: ACT_GATHER_INFO
2017-01-31 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-0333-1.nasl - Type: ACT_GATHER_INFO
2016-12-15 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20161103_libreoffice_on_SL7_x.nasl - Type: ACT_GATHER_INFO
2016-12-15 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-3157-1.nasl - Type: ACT_GATHER_INFO
2016-11-28 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2016-2579.nasl - Type: ACT_GATHER_INFO
2016-11-11 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2016-2579.nasl - Type: ACT_GATHER_INFO
2016-11-04 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2016-2579.nasl - Type: ACT_GATHER_INFO
2016-10-26 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-2628-1.nasl - Type: ACT_GATHER_INFO
2016-10-12 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201610-05.nasl - Type: ACT_GATHER_INFO
2016-10-12 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201610-06.nasl - Type: ACT_GATHER_INFO
2016-09-23 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2016-0100.nasl - Type: ACT_GATHER_INFO
2016-09-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-1076.nasl - Type: ACT_GATHER_INFO
2016-09-08 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-2245-1.nasl - Type: ACT_GATHER_INFO
2016-09-02 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-2105-1.nasl - Type: ACT_GATHER_INFO
2016-08-30 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-1029.nasl - Type: ACT_GATHER_INFO