This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Canonical First view 2005-01-10
Product Ubuntu Linux Last view 2021-04-17
Version 4.10 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:canonical:ubuntu_linux

Activity : Overall

Related : CVE

  Date Alert Description
7.8 2021-04-17 CVE-2021-3493

The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.

7.8 2021-04-17 CVE-2021-3492

Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service (kernel memory exhaustion) or gain privileges via executing arbitrary code. AKA ZDI-CAN-13562.

7.8 2016-12-16 CVE-2016-9950

An issue was discovered in Apport before 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package specific hook files in the /usr/share/apport/package-hooks/ directory. An attacker can exploit this path traversal to execute arbitrary Python files from the local system.

7.8 2016-12-16 CVE-2016-9949

An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code.

7.8 2016-11-27 CVE-2015-1328

The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.

4.3 2006-04-14 CVE-2006-1741

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by (1) "using a modal alert to suspend an event handler while a new page is being loaded", (2) using eval(), and using certain variants involving (3) "new Script;" and (4) using window.__proto__ to extend eval, aka "cross-site JavaScript injection".

4.3 2006-04-14 CVE-2006-1729

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.

9.3 2006-04-14 CVE-2006-1728

Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypto.generateCRMFRequest method.

7.6 2006-04-14 CVE-2006-1727

Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to the use of XBL scripts with "Print Preview".

3.6 2005-09-14 CVE-2005-2492

The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allows local users to cause a denial of service (change hardware state) or read from arbitrary memory via crafted input.

5 2005-05-19 CVE-2005-1260

bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").

4.6 2005-05-13 CVE-2005-0758

zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.

10 2005-01-10 CVE-2004-1064

The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.

10 2005-01-10 CVE-2004-1063

PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside of the intended safe_mode_exec_dir via shell metacharacters in the current directory name. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.

10 2005-01-10 CVE-2004-1018

Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the pack function, or (3) an "integer overflow/underflow" in the unpack function. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.

CWE : Common Weakness Enumeration

%idName
20% (2) CWE-264 Permissions, Privileges, and Access Controls
10% (1) CWE-415 Double Free
10% (1) CWE-401 Failure to Release Memory Before Removing Last Reference ('Memory L...
10% (1) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
10% (1) CWE-269 Improper Privilege Management
10% (1) CWE-94 Failure to Control Generation of Code ('Code Injection')
10% (1) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
10% (1) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
10% (1) CWE-20 Improper Input Validation

SAINT Exploits

Description Link
Ubuntu overlayfs privilege elevation More info here

Open Source Vulnerability Database (OSVDB)

id Description
34717 PHP shmop_write() Arbitrary Memory Manipulation
24680 Mozilla Multiple Products XBL Control Print Preview Privilege Escalation
24679 Mozilla Multiple Products crypto.generateCRMFRequest Method Arbitrary Code Ex...
24678 Mozilla Multiple Products Text Box Arbitrary File Access
24658 Mozilla Multiple Products Modal Alert Suspended Handler XSS
19261 Linux Kernel raw_sendmsg() Unspecified Memory Manipulation
16767 bzip2 Malformed Archive Decompression DoS
16371 zgrep Unspecified Arbitrary Command Execution
12413 PHP realpath() Truncation Arbitrary File Inclusion
12412 PHP Multithreaded safe_mode_exec_dir Restriction Bypass
12411 PHP unpack() Function Heap Information Leak
12410 PHP pack() Function Overflow

OpenVAS Exploits

id Description
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-10 Name : SLES9: Security update for Mozilla suite
File : nvt/sles9p5019559.nasl
2009-10-10 Name : SLES9: Security update for bzip2
File : nvt/sles9p5010943.nasl
2009-05-05 Name : HP-UX Update for Thunderbird HPSBUX02156
File : nvt/gb_hp_ux_HPSBUX02156.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200605-09 (mozilla-thunderbird)
File : nvt/glsa_200605_09.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200604-18 (mozilla)
File : nvt/glsa_200604_18.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200604-12 (mozilla-firefox)
File : nvt/glsa_200604_12.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200505-05 (gzip)
File : nvt/glsa_200505_05.nasl
2008-09-04 Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox22.nasl
2008-09-04 Name : FreeBSD Ports: bzip2
File : nvt/freebsd_bzip2.nasl
2008-01-17 Name : Debian Security Advisory DSA 1044-1 (mozilla-firefox)
File : nvt/deb_1044_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 741-1 (bzip2)
File : nvt/deb_741_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1134-1 (mozilla-thunderbird)
File : nvt/deb_1134_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1120-1 (mozilla-firefox)
File : nvt/deb_1120_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1118-1 (mozilla)
File : nvt/deb_1118_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1051-1 (mozilla-thunderbird)
File : nvt/deb_1051_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1046-1 (mozilla)
File : nvt/deb_1046_1.nasl
0000-00-00 Name : Slackware Advisory SSA:2006-262-01 gzip
File : nvt/esoft_slk_ssa_2006_262_01.nasl

Snort® IPS/IDS

Date Description
2017-01-19 Ubuntu Apport CrashDB crash report code injection attempt
RuleID : 41041 - Type : OS-LINUX - Revision : 2
2017-01-19 Ubuntu Apport CrashDB crash report code injection attempt
RuleID : 41040 - Type : OS-LINUX - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2016-12-15 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-3157-1.nasl - Type: ACT_GATHER_INFO
2015-06-22 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2646-2.nasl - Type: ACT_GATHER_INFO
2015-06-22 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2640-2.nasl - Type: ACT_GATHER_INFO
2015-06-22 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2642-2.nasl - Type: ACT_GATHER_INFO
2015-06-22 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2644-2.nasl - Type: ACT_GATHER_INFO
2015-06-22 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2643-2.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2645-1.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2646-1.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2644-1.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2643-1.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2642-1.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2640-1.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2647-1.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_10057.nasl - Type: ACT_GATHER_INFO
2007-12-21 Name: A web browser on the remote host is prone to multiple flaws.
File: mozilla_firefox_108.nasl - Type: ACT_GATHER_INFO
2007-11-14 Name: The remote host is missing a Mac OS X update which fixes a security issue.
File: macosx_10_4_11.nasl - Type: ACT_GATHER_INFO
2007-11-10 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-323-1.nasl - Type: ACT_GATHER_INFO
2007-11-10 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-296-2.nasl - Type: ACT_GATHER_INFO
2007-11-10 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-296-1.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_MozillaFirefox-1585.nasl - Type: ACT_GATHER_INFO
2007-08-02 Name: The remote host is missing a Mac OS X update that fixes various security issues.
File: macosx_SecUpd2007-007.nasl - Type: ACT_GATHER_INFO
2007-02-18 Name: The remote host is missing Sun Security Patch number 120671-08
File: solaris9_120671.nasl - Type: ACT_GATHER_INFO
2007-02-18 Name: The remote host is missing Sun Security Patch number 120671-08
File: solaris8_120671.nasl - Type: ACT_GATHER_INFO
2007-01-17 Name: The remote Fedora Core host is missing a security update.
File: fedora_2006-490.nasl - Type: ACT_GATHER_INFO
2007-01-17 Name: The remote Fedora Core host is missing a security update.
File: fedora_2006-489.nasl - Type: ACT_GATHER_INFO