This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Canonical First view 2016-05-09
Product Ubuntu Linux Last view 2018-02-02
Version 17.04 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:canonical:ubuntu_linux

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.8 2018-02-02 CVE-2017-14180

Apport 2.13 through 2.20.7 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges, a different vulnerability than CVE-2017-14179.

7.8 2018-02-02 CVE-2017-14179

Apport before 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers.

7.8 2018-02-02 CVE-2017-14177

Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1324.

7.5 2018-01-06 CVE-2018-5205

When using incomplete escape codes, Irssi before 1.0.6 may access data beyond the end of the string.

5.6 2018-01-04 CVE-2017-5753

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

7.5 2017-12-01 CVE-2017-16612

libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0.

5.5 2017-12-01 CVE-2017-16611

In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.

7.5 2017-11-27 CVE-2017-15275

Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.

9.8 2017-11-27 CVE-2017-14746

Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request.

8.8 2017-11-27 CVE-2017-14176

Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117.

5.5 2017-11-13 CVE-2017-8806

The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts, as distributed in the Debian postgresql-common package before 181+deb9u1 for PostgreSQL (and other packages related to Debian and Ubuntu), handled symbolic links insecurely, which could result in local denial of service by overwriting arbitrary files.

5.3 2017-10-17 CVE-2017-13088

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

5.3 2017-10-17 CVE-2017-13087

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

6.8 2017-10-17 CVE-2017-13086

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

6.8 2017-10-17 CVE-2017-13084

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

8.1 2017-10-17 CVE-2017-13082

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

5.3 2017-10-17 CVE-2017-13081

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.

5.3 2017-10-17 CVE-2017-13080

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.

5.3 2017-10-17 CVE-2017-13079

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.

5.3 2017-10-17 CVE-2017-13078

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.

6.8 2017-10-16 CVE-2017-13077

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

9.8 2017-10-03 CVE-2017-14491

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

7.5 2017-10-02 CVE-2017-14496

Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.

7.5 2017-10-02 CVE-2017-14495

Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.

5.9 2017-10-02 CVE-2017-14494

dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.

CWE : Common Weakness Enumeration

%idName
33% (10) CWE-330 Use of Insufficiently Random Values
16% (5) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
10% (3) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
10% (3) CWE-20 Improper Input Validation
6% (2) CWE-200 Information Exposure
6% (2) CWE-59 Improper Link Resolution Before File Access ('Link Following')
3% (1) CWE-772 Missing Release of Resource after Effective Lifetime
3% (1) CWE-416 Use After Free
3% (1) CWE-191 Integer Underflow (Wrap or Wraparound)
3% (1) CWE-190 Integer Overflow or Wraparound
3% (1) CWE-134 Uncontrolled Format String

Snort® IPS/IDS

Date Description
2020-02-04 dnsmasq crafted OPT record denial of service attempt
RuleID : 52524 - Type : PROTOCOL-DNS - Revision : 1
2018-10-25 dnsmasq add_pseudoheader memory leak attempt
RuleID : 47881 - Type : PROTOCOL-DNS - Revision : 2
2018-02-20 Intel x64 side-channel analysis information leak attempt
RuleID : 45444 - Type : OS-OTHER - Revision : 2
2018-02-20 Intel x64 side-channel analysis information leak attempt
RuleID : 45443 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x64 side-channel analysis information leak attempt
RuleID : 45368 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x64 side-channel analysis information leak attempt
RuleID : 45367 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x86 side-channel analysis information leak attempt
RuleID : 45366 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x86 side-channel analysis information leak attempt
RuleID : 45365 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x86 side-channel analysis information leak attempt
RuleID : 45364 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x86 side-channel analysis information leak attempt
RuleID : 45363 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x86 side-channel analysis information leak attempt
RuleID : 45362 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x86 side-channel analysis information leak attempt
RuleID : 45361 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x86 side-channel analysis information leak attempt
RuleID : 45360 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x86 side-channel analysis information leak attempt
RuleID : 45359 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x86 side-channel analysis information leak attempt
RuleID : 45358 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x86 side-channel analysis information leak attempt
RuleID : 45357 - Type : OS-OTHER - Revision : 2
2018-01-23 Samba tree connect andx memory corruption attempt
RuleID : 45255 - Type : SERVER-SAMBA - Revision : 2
2017-11-28 WPA2 key reuse tool attempt
RuleID : 44640 - Type : POLICY-OTHER - Revision : 2
2017-11-07 dnsmasq add_pseudoheader integer underflow attempt
RuleID : 44482 - Type : PROTOCOL-DNS - Revision : 2
2017-11-07 dnsmasq IPv6 heap overflow attempt
RuleID : 44481 - Type : SERVER-OTHER - Revision : 2
2017-11-07 dnsmasq Relay-forw information leak attempt
RuleID : 44480 - Type : SERVER-OTHER - Revision : 2
2017-11-07 dnsmasq overly large DNS query denial of service attempt
RuleID : 44479 - Type : PROTOCOL-DNS - Revision : 3
2017-11-07 dnsmasq add_pseudoheader memory leak attempt
RuleID : 44478 - Type : PROTOCOL-DNS - Revision : 3
2017-11-07 dnsmasq dhcp6_maybe_relay stack buffer overflow attempt
RuleID : 44477 - Type : SERVER-OTHER - Revision : 2
2014-01-10 Oracle Secure Backup observice.exe dns response overflow attempt
RuleID : 20242 - Type : PROTOCOL-DNS - Revision : 10

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-11-27 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZLSA-2017-2838.nasl - Type: ACT_GATHER_INFO
2018-11-27 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZLSA-2017-2911.nasl - Type: ACT_GATHER_INFO
2018-11-21 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1377.nasl - Type: ACT_GATHER_INFO
2018-11-13 Name: The remote Debian host is missing a security update.
File: debian_DLA-1573.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL91229003.nasl - Type: ACT_GATHER_INFO
2018-10-31 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201810-06.nasl - Type: ACT_GATHER_INFO
2018-09-27 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2018-1285.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1236.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1238.nasl - Type: ACT_GATHER_INFO
2018-09-07 Name: The remote Debian host is missing a security update.
File: debian_DLA-1497.nasl - Type: ACT_GATHER_INFO
2018-09-06 Name: The remote Debian host is missing a security update.
File: debian_DLA-1495.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0035.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0038.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-1_0-0098.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-1_0-0126.nasl - Type: ACT_GATHER_INFO
2018-07-24 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-2_0-0011.nasl - Type: ACT_GATHER_INFO
2018-07-20 Name: The remote Debian host is missing a security update.
File: debian_DLA-1423.nasl - Type: ACT_GATHER_INFO
2018-07-16 Name: The remote Debian host is missing a security update.
File: debian_DLA-1422.nasl - Type: ACT_GATHER_INFO
2018-05-23 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201805-07.nasl - Type: ACT_GATHER_INFO
2018-05-03 Name: The remote Debian host is missing a security update.
File: debian_DLA-1369.nasl - Type: ACT_GATHER_INFO
2018-05-02 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4187.nasl - Type: ACT_GATHER_INFO
2018-05-02 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4188.nasl - Type: ACT_GATHER_INFO
2018-04-18 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2018-956.nasl - Type: ACT_GATHER_INFO
2018-04-02 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4162.nasl - Type: ACT_GATHER_INFO
2018-03-29 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_1ce95bc7327811e8b52700012e582166.nasl - Type: ACT_GATHER_INFO