Page 2 of 430 results (0.004 seconds)

CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 2

CVE-2016-9949 – Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution

https://notcve.org/view.php?id=CVE-2016-9949

An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code. Un problema fue descubierto en Apport en versiones anteriores a 2.20.4. En apport/ui.py, Apport lee el campo CashDB y después evalúa el campo como código Python si comienza con un "{". • https://www.exploit-db.com/exploits/40937 http://www.securityfocus.com/bid/95011 http://www.ubuntu.com/usn/USN-3157-1 https://bugs.launchpad.net/apport/+bug/1648806 https://donncha.is/2016/12/compromising-ubuntu-desktop https://github.com/DonnchaC/ubuntu-apport-exploitation • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 2

CVE-2016-9950 – Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution

https://notcve.org/view.php?id=CVE-2016-9950

An issue was discovered in Apport before 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package specific hook files in the /usr/share/apport/package-hooks/ directory. An attacker can exploit this path traversal to execute arbitrary Python files from the local system. Un problema fue descubierto en Apport en versiones anteriores a 2.20.4. • https://www.exploit-db.com/exploits/40937 http://www.securityfocus.com/bid/95011 http://www.ubuntu.com/usn/USN-3157-1 https://bugs.launchpad.net/apport/+bug/1648806 https://donncha.is/2016/12/compromising-ubuntu-desktop https://github.com/DonnchaC/ubuntu-apport-exploitation • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 7

CVE-2015-1328 – Linux Kernel (Ubuntu / Fedora / RedHat) - 'Overlayfs' Local Privilege Escalation

https://notcve.org/view.php?id=CVE-2015-1328

The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace. La implementación de overlayfs en el paquete linux (también conocido como kernel Linux) en versiones anteriores a 3.19.0-21.21 en Ubuntu hasta la versión 15.04 no comprueba adecuadamente permisos para la creación de archivos en el directorio de sistema de archivos upper, lo que permite a usuarios locales obtener acceso de root aprovechando una configuración donde overlayfs es permitido en un espacio de nombre de montaje arbitrario. • https://www.exploit-db.com/exploits/40688 https://www.exploit-db.com/exploits/37293 https://www.exploit-db.com/exploits/37292 https://github.com/elit3pwner/CVE-2015-1328-GoldenEye https://github.com/notlikethis/CVE-2015-1328 https://github.com/SR7-HACKING/LINUX-VULNERABILITY-CVE-2015-1328 http://seclists.org/oss-sec/2015/q2/717 http://www.exploit-db.com/exploits/40688 http://www.securityfocus.com/bid/75206 https://people.canonical.com/~ubuntu-security/cve/2015/CVE • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.3EPSS: 0%CPEs: 30EXPL: 0

CVE-2015-0840

https://notcve.org/view.php?id=CVE-2015-0840

The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x before 1.17.25 allows remote attackers to bypass signature verification via a crafted Debian source control file (.dsc). El comando dpkg-source en Debian dpkg anterior a 1.16.16 y 1.17.x anterior a 1.17.25 permite a atacantes remotos evadir verificación de firmas a través de un fichero de control de fuentes de Debian (.dsc) manipulado. • http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157387.html http://lists.opensuse.org/opensuse-updates/2015-06/msg00029.html http://www.debian.org/security/2015/dsa-3217 http://www.ubuntu.com/usn/USN-2566-1 • CWE-284: Improper Access Control •

CVSS: 10.0EPSS: 1%CPEs: 9EXPL: 0

CVE-2015-2806 – libtasn1: stack overflow in asn1_der_decoding

https://notcve.org/view.php?id=CVE-2015-2806

Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors. Desbordamiento de buffer basado en pila en asn1_der_decoding en libtasn1 anterior a 4.4 permite a atacantes remotos tener un impacto no especificado a través de vectores desconocidos. A stack-based buffer overflow was found in the way libtasn1 decoded certain DER encoded data. An attacker could use this flaw to crash an application using the libtasn1 library. • http://git.savannah.gnu.org/gitweb/?p=libtasn1.git%3Ba=commit%3Bh=4d4f992826a4962790ecd0cce6fbba4a415ce149 http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154741.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154805.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155117.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155270.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155435.html http://lists. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •