Vulnerability Report |
|
This document reports on the results of the agreed security scan.
The report first summarises the results found. Then, for each host,
the report describes every issue found. Please consider the
advice given in each description, in order to rectify the issue.
Vendor security updates are not trusted. Overrides are off. Even when a result has an override, this report uses the actual threat of the result. Information on overrides is included in the report. Notes are included in the report. This report might not show details of all issues that were found. Issues with the threat level "Log" are not shown. Issues with the threat level "Debug" are not shown. Issues with the threat level "False Positive" are not shown. Only results with a minimum QoD of 70 are shown. This report contains all 329 results selected by the filtering described above. Before filtering there were 735 results. All dates are displayed using the timezone "Coordinated Universal Time", which is abbreviated "UTC". |
| Scan started: | Fri Aug 27 11:41:09 2021 UTC |
| Scan ended: | Fri Aug 27 11:57:08 2021 UTC |
| Task: | Example task full & fast |
Host Summary
| Host | Status | Start | End | High | Medium | Low | Log | False Positive | |
|---|---|---|---|---|---|---|---|---|---|
| 192.168.99.12 (demo-ms-server-2019.vscan.tech) |
Aug 27 11:41 |
Aug 27 11:57 |
31 | 9 | 1 | Filtered out | Filtered out | ||
| 192.168.99.28 (demo-ubuntu-18.vscan.tech) |
Aug 27 11:41 |
Aug 27 11:53 |
139 | 124 | 18 | Filtered out | Filtered out | ||
| 192.168.99.30 | Aug 27 11:41 |
Aug 27 11:52 |
0 | 2 | 3 | Filtered out | Filtered out | ||
| 192.168.99.25 | Aug 27 11:41 |
Aug 27 11:54 |
0 | 1 | 1 | Filtered out | Filtered out | ||
| Total: 4 | Aug 27 11:41 |
Aug 27 11:57 |
170 | 136 | 23 | Filtered out | Filtered out | ||
Host Authentications
| Host | Protocol | Result | Port/User |
|---|
Results per Host
Host 192.168.99.12 (demo-ms-server-2019.vscan.tech)
| Scanning of this host started at: | Fri Aug 27 11:41:35 2021 UTC |
| Number of results: | 41 |
Port Summary for Host 192.168.99.12
| Service (Port) | Threat Level |
|---|---|
| general/tcp | High |
| 135/tcp | Medium |
Security Issues for Host 192.168.99.12
This host is missing an important security update according to Microsoft KB4535101
Vulnerable range: 4.7 - 4.7.3569 File checked: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\System.workflow.runtime.dll File version: 4.7.3190.0
Successful exploitation will allow an attacker to run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
Microsoft .NET Framework 3.5, 4.7.2 and 4.8 on Microsoft Windows 10 version 1809 and Microsoft Windows Server 2019.
Multiple flaws exist due to:
- Microsoft .NET Framework fails to check the source markup of a file.
- Microsoft .NET Framework fails to validate input properly.
Checks if a vulnerable version is present on the target host.
Details: Microsoft .NET Framework Multiple RCE Vulnerabilities (KB4535101 (OID:1.3.6.1.4.1.25623.1.0.815898)
Version used: 2020-10-29T15:35:19Z
The Adobe Flash Player on the remote host has reached the End of Life (EOL) / is discontinued and should not be used anymore.
The "Adobe Flash Player" product on the remote host has reached the end of life. CPE: cpe:/a:adobe:flash_player_internet_explorer Location/URL: C:\Windows\SysWOW64 EOL date: 2020-12-31 EOL info: https://www.adobe.com/products/flashplayer/end-of-life.html
An EOL / discontinued product is not receiving any security updates from the vendor. Unfixed security vulnerabilities might be leveraged by an attacker to compromise the security of this host.
Solution type:WillNotFix
No solution was made available by the vendor. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.
Note: The product has reached its EOL.
Checks if the target host is using an EOL / discontinued product.
Details: Adobe Flash Player End of Life (EOL) Detection (OID:1.3.6.1.4.1.25623.1.0.117197)
Version used: 2021-02-08T13:28:09Z
This host is missing a critical security update according to Microsoft KB4558998
Vulnerable range: 10.0.17763.0 - 10.0.17763.1338 File checked: C:\Windows\system32\Gdiplus.dll File version: 10.0.17763.1
Successful exploitation will allow an attacker to execute arbitrary code, elevate privilges, disclose sensitive information and denial of service attacks.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
- Microsoft Windows 10 Version 1809 for 32-bit Systems
- Microsoft Windows 10 Version 1809 for x64-based Systems
- Microsoft Windows Server 2019
Multiple flaws exist due to:
- Windows Domain Name System servers fail to properly handle requests (SIGRed, CVE-2020-1350).
- Windows System Events Broker fails to properly handle file operations.
- Windows WalletService fails to properly handle objects in memory.
- Windows Mobile Device Management (MDM) Diagnostics fails to properly handle objects in memory.
- Windows Jet Database Engine fails to properly handle objects in memory.
- Windows Network Connections Service fails to properly handle objects in memory.
- SharedStream Library fails to handle objects in memory.
Please see the references for more information about the vulnerabilities.
Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4558998) (OID:1.3.6.1.4.1.25623.1.0.817228)
Version used: 2020-10-29T15:35:19Z
This host is missing a critical security update according to Microsoft KB4532691
Vulnerable range: 10.0.17763.0 - 10.0.17763.1038 File checked: C:\Windows\system32\User32.dll File version: 10.0.17763.1
Successful exploitation will allow an attacker to execute arbitrary code, elevate privilges, disclose sensitive information and conduct denial of service attacks.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
- Microsoft Windows 10 Version 1809 for 32-bit Systems
- Microsoft Windows 10 Version 1809 for x64-based Systems
- Microsoft Windows Server 2019
Multiple flaws exist due to:
- An error in Remote Desktop Services formerly known as Terminal Services, when an authenticated attacker abuses clipboard redirection.
- Multiple errors in the Windows Common Log File System (CLFS) driver which improperly handles objects in memory.
- An error in the Windows Data Sharing Service which improperly handles file operations.
- An error in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests.
- An error in the way that Windows handles objects in memory.
- An error when Microsoft Edge does not properly enforce cross-domain policies.
Please see the references for more information about the vulnerabilities.
Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4532691) (OID:1.3.6.1.4.1.25623.1.0.816561)
Version used: 2020-10-29T15:35:19Z
This host is missing a critical security update according to Microsoft KB4538461
Vulnerable range: 10.0.17763.0 - 10.0.17763.1097 File checked: C:\Windows\system32\User32.dll File version: 10.0.17763.1
Successful exploitation will allow an attacker to execute arbitrary code, elevate privilges, disclose sensitive information, and conduct tampering attacks.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
- Microsoft Windows 10 Version 1809 for 32-bit Systems
- Microsoft Windows 10 Version 1809 for x64-based Systems
- Microsoft Windows Server 2019
Multiple flaws exist due to:
- DirectX improperly handles objects in memory.
- Windows Error Reporting improperly handles memory.
- Windows GDI component improperly discloses the contents of its memory.
- Windows Error Reporting improperly handles file operations.
- Windows Graphics Component improperly handles objects in memory.
- Diagnostics Hub Standard Collector Service improperly handles file operations.
Please see the references for more information about the vulnerabilities.
Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4538461) (OID:1.3.6.1.4.1.25623.1.0.815789)
Version used: 2020-07-17T05:57:41Z
This host is missing a critical security update according to Microsoft KB4534273
Vulnerable range: 10.0.17763.0 - 10.0.17763.972 File checked: C:\Windows\system32\User32.dll File version: 10.0.17763.1
Successful exploitation will allow an attacker to execute arbitrary code, bypass security features, elevate privilges, disclose sensitive information, and conduct denial of service and spoofing attacks.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
- Microsoft Windows 10 Version 1809 for 32-bit Systems
- Microsoft Windows 10 Version 1809 for x64-based Systems
- Microsoft Windows Server 2019
Multiple flaws exist due to:
- Windows Common Log File System (CLFS) driver fails to properly handle objects in memory.
- Windows Search Indexer improperly handles objects in memory.
- win32k component improperly provides kernel information.
- Microsoft Windows implements predictable memory section names.
- Windows Media Service allows file creation in arbitrary locations.
- Internet Explorer improperly accesses objects in memory.
- Windows Graphics Device Interface Plus (GDI+) improperly handles objects in memory.
Please see the references for more information about the vulnerabilities.
Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4534273) (OID:1.3.6.1.4.1.25623.1.0.815741)
Version used: 2020-07-17T05:57:41Z
This host is installed with Adobe Flash Player and is prone to multiple vulnerabilities.
Vulnerable range: Less than 32.0.0.255 File checked: C:\Windows\SysWOW64\Flashplayerapp.exe File version: 31.0.0.108
Successful exploitation allows attackers to conduct arbitrary code execution.
Solution type:VendorFix
Upgrade to Adobe Flash Player 32.0.0.255 or later. Please see the references for more information.
Adobe Flash Player prior to 32.0.0.255 within Microsoft Edge or Internet Explorer on,
Windows 10 Version 1607 for x32/x64 Edition,
Windows 10 Version 1703 for x32/x64 Edition,
Windows 10 Version 1709 for x32/x64 Edition,
Windows 10 Version 1803 for x32/x64 Edition,
Windows 10 Version 1809 for x32/x64 Edition,
Windows 10 Version 1903 for x32/x64 Edition,
Windows 10 x32/x64 Edition,
Windows 8.1 for x32/x64 Edition,
Windows Server 2012/2012 R2,
Windows Server 2016,
Windows Server 2019
Multiple flaws exist due to:
- An use after free vulnerability.
- Same Origin Method Execution (SOME) Vulnerability.
Checks if a vulnerable version is present on the target host.
Details: Adobe Flash Player Microsoft Edge and Internet Explorer Security Update (apsb19... (OID:1.3.6.1.4.1.25623.1.0.815470)
Version used: 2020-10-29T15:35:19Z
This host is missing a critical security update according to Microsoft KB4511553
Vulnerable range: 11.0.17763.0 - 11.0.17763.677 File checked: C:\Windows\system32\Edgehtml.dll File version: 11.0.17763.1
Successful exploitation will allow an attacker to run arbitrary code in kernel mode, obtain information to further compromise a user's system, elevate permissions and create a denial of service condition causing the target system to become unresponsive.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
- Microsoft Windows 10 Version 1809 for x64-based Systems
- Microsoft Windows Server 2019
- Microsoft Windows 10 Version 1809 for 32-bit Systems
Multiple flaws exist due to:
- Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system.
- Windows improperly handles objects in memory.
- Windows GDI component improperly discloses the contents of its memory.
- Windows font library improperly handles specially crafted embedded fonts.
- Windows improperly handles calls to Advanced Local Procedure Call (ALPC).
- Windows Jet Database Engine improperly handles objects in memory.
- The Chakra scripting engine handles objects in memory in Microsoft Edge.
- Windows RDP server improperly discloses the contents of its memory.
- Windows kernel fails to properly handle objects in memory.
Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4511553) (OID:1.3.6.1.4.1.25623.1.0.815437)
Version used: 2020-10-29T15:35:19Z
This host is installed with Adobe Flash Player and is prone to an arbitrary code execution vulnerability.
Vulnerable range: Less than 32.0.0.387 File checked: C:\Windows\SysWOW64\Flashplayerapp.exe File version: 31.0.0.108
Successful exploitation allows attackers to execute arbitrary code.
Solution type:VendorFix
Upgrade to Adobe Flash Player 32.0.0.387 or later. Please see the references for more information.
Adobe Flash Player prior to 32.0.0.387 within Microsoft Edge or Internet Explorer on:
Windows 10 Version 1607 for x32/x64 Edition
Windows 10 Version 1703 for x32/x64 Edition
Windows 10 Version 1709 for x32/x64 Edition
Windows 10 Version 1803 for x32/x64 Edition
Windows 10 Version 1809 for x32/x64 Edition
Windows 10 Version 1903 for x32/x64 Edition
Windows 10 Version 1909 for x32/x64 Edition
Windows 10 Version 2004 for x32/x64 Edition
Windows 10 x32/x64 Edition
Windows 8.1 for x32/x64 Edition
Windows Server 2012/2012 R2
Windows Server 2016
Windows Server 2019
The flaw exists due to a use-after-free error.
Checks if a vulnerable version is present on the target host.
Details: Adobe Flash Player Microsoft Edge and Internet Explorer Security Update (apsb20... (OID:1.3.6.1.4.1.25623.1.0.817155)
Version used: 2021-07-08T02:00:55Z
This host is missing a critical security update according to Microsoft KB4598230
Vulnerable range: 10.0.17763.0 - 10.0.17763.1696 File checked: C:\Windows\system32\Gdiplus.dll File version: 10.0.17763.1
Successful exploitation will allow an attacker to elevate privilges and disclose sensitive information.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
- Microsoft Windows 10 Version 1809 for 32-bit Systems
- Microsoft Windows 10 Version 1809 for x64-based Systems
- Microsoft Windows Server 2019
Multiple flaws exist due to:
- An error in Windows DNS Query.
- An error in Windows AppX Deployment Extensions.
- An error in Windows Docker.
- An error in Microsoft splwow64.
For more information about the vulnerabilities refer to Reference links.
Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4598230) (OID:1.3.6.1.4.1.25623.1.0.817572)
Version used: 2021-01-13T16:01:57Z
This host is missing a critical security update according to Microsoft KB4577668
Vulnerable range: 10.0.17763.0 - 10.0.17763.1517 File checked: C:\Windows\system32\Gdiplus.dll File version: 10.0.17763.1
Successful exploitation will allow an attacker to execute arbitrary code, elevate privilges, conduct DoS condition, bypass security restrictions and disclose sensitive information.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
- Microsoft Windows 10 Version 1809 x32/x64
- Microsoft Windows Server 2019
Multiple flaws exist due to errors,
- Windows Hyper-V on a host server fails to properly handle objects in memory.
- Windows Network Connections Service improperly handles objects in memory.
- Windows KernelStream improperly handles objects in memory.
- Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets.
- Microsoft Windows fails to handle file creation permissions.
- Microsoft Windows Codecs Library improperly handles objects in memory.
For more information about the vulnerabilities refer to Reference links.
Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4577668) (OID:1.3.6.1.4.1.25623.1.0.817487)
Version used: 2020-10-29T15:35:19Z
This host is missing an important security update according to Microsoft KB4570505
Vulnerable range: 4.7 - 4.7.3649 File checked: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Webengine.dll File version: 4.7.3190.0
Successful exploitation will allow an attacker to gain access to restricted files and take control of an affected system
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
Microsoft .NET Framework 3.5, 4.7.2 and 4.8 on Microsoft Windows 10 version 1809 and Microsoft Windows Server 2019.
Multiple flaws exist due to
- An error when ASP.NET or .NET web applications running on IIS improperly allow access to cached files.
- An error when Microsoft .NET Framework processes input.
Checks if a vulnerable version is present on the target host.
Details: Microsoft .NET Framework Multiple Vulnerabilities (KB4570505) (OID:1.3.6.1.4.1.25623.1.0.817325)
Version used: 2020-08-13T02:02:03Z
This host is missing a critical security update according to Microsoft KB4561608
Vulnerable range: Less than 10.0.17763.1282 File checked: C:\Windows\system32\drivers\Dxgkrnl.sys File version: 10.0.17763.1
Successful exploitation will allow an attacker to execute arbitrary code, elevate privilges, disclose sensitive information, bypass security restrictions, conduct spoofing and denial of service attacks.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
- Microsoft Windows 10 Version 1809 for 32-bit Systems
- Microsoft Windows 10 Version 1809 for x64-based Systems
- Microsoft Windows Server 2019
Multiple flaws exist due to:
- An error when the Windows kernel fails to properly handle objects in memory.
- An error when the Windows GDI component improperly discloses the contents of its memory.
- An error when the Windows Runtime improperly handles objects in memory.
- An error in the way that the VBScript engine handles objects in memory.
Please see the references for more information about the vulnerabilities.
Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4561608) (OID:1.3.6.1.4.1.25623.1.0.817142)
Version used: 2020-10-29T15:35:19Z
This host is missing a critical security update according to Microsoft KB4484277.
Vulnerable range: 16.0.10337.12109 - 16.0.10357.20003 File checked: C:\Program Files\Microsoft Office Servers\16.0\WebServices\ConversionServices\1033\msoserverintl.dll File version: 16.0.10337.12109
Successful exploitation allows attackers to use a specially crafted file to perform actions in the security context of the current user.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
Microsoft SharePoint Server 2019.
Multiple flaws exist when Microsoft Word software fails to properly handle objects in memory.
Checks if a vulnerable version is present on the target host.
Details: Microsoft SharePoint Enterprise Server 2016 Multiple RCE Vulnerabilities (KB448... (OID:1.3.6.1.4.1.25623.1.0.816598)
Version used: 2020-10-29T15:35:19Z
This host is missing a critical security update according to Microsoft KB4484277.
Vulnerable range: 16.0.10337.12109 - 16.0.10357.20003 File checked: C:\Program Files\Microsoft Office Servers\\16.0\WebServices\ConversionServices\1033\msoserverintl.dll File version: 16.0.10337.12109
Successful exploitation allows attackers to use a specially crafted file to perform actions in the security context of the current user.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
Microsoft SharePoint Server 2019.
Multiple flaws exist when Microsoft Word software fails to properly handle objects in memory.
Checks if a vulnerable version is present on the target host.
Details: Microsoft SharePoint Enterprise Server 2016 Multiple RCE Vulnerabilities (KB448... (OID:1.3.6.1.4.1.25623.1.0.816598)
Version used: 2020-10-29T15:35:19Z
This host is missing a critical security update according to Microsoft KB4530715
Vulnerable range: 10.0.17763.0 - 10.0.17763.913 File checked: C:\Windows\system32\Rdpcorets.dll File version: 10.0.17763.1
Successful exploitation will allow an attacker to crash host server, execute code with elevated permissions, obtain information to further compromise the user's system, escalate privileges and bypass security restrictions.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
- Microsoft Windows 10 Version 1809 for 32-bit Systems
- Microsoft Windows 10 Version 1809 for x64-based Systems
- Microsoft Windows Server 2019
Multiple flaws exist due to:
- Windows kernel improperly handles objects in memory.
- Remote Desktop Protocol (RDP) improperly handles connection requests.
- Windows AppX Deployment Service (AppXSVC) improperly handles hard links.
- Windows AppX Deployment Server improperly handles junctions.
Please see the references for more information about the vulnerabilities.
Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4530715) (OID:1.3.6.1.4.1.25623.1.0.815864)
Version used: 2020-07-17T05:57:41Z
This host is missing a critical security update according to Microsoft KB4523205
Vulnerable range: 10.0.17763.0 - 10.0.17763.830 File checked: C:\Windows\system32\Userenv.dll File version: 10.0.17763.1
Successful exploitation will allow an attacker to disclose sensitive information, cause the host server to crash, execute code with elevated permissions, elevate privileges and bypass security restrictions.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
- Microsoft Windows 10 Version 1809 for 32-bit Systems
- Microsoft Windows 10 Version 1809 for x64-based Systems
- Microsoft Windows Server 2019
Multiple flaws exist due to:
- Windows DirectWrite improperly discloses the contents of its memory.
- Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system.
- Windows Installer improperly handles certain filesystem operations.
- Windows Error Reporting (WER) improperly handles objects in memory.
- Windows TCP/IP stack improperly handles IPv6 flowlabel filled in packets.
- The win32k component improperly provides kernel information.
- Windows Data Sharing Service improperly handles file operations.
- Windows Universal Plug and Play (UPnP) service improperly allows COM object creation.
Please see the references for more information about the vulnerabilities.
Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4523205) (OID:1.3.6.1.4.1.25623.1.0.815835)
Version used: 2020-10-29T15:35:19Z
This host is missing a critical security update according to Microsoft KB4512578
Vulnerable range: 11.0.17763.0 - 11.0.17763.736 File checked: C:\Windows\system32\Edgehtml.dll File version: 11.0.17763.1
Successful exploitation will allow an attacker to gain elevated privileges, execute arbitrary code on a victim system, bypass access restrictions to add or remove files, potentially read data that was not intended to be disclosed and conduct cross site scripting attacks.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
- Microsoft Windows 10 Version 1809 for 32-bit Systems
- Microsoft Windows 10 Version 1809 for x64-based Systems
- Microsoft Windows Server 2019
Multiple flaws exist due to:
- Chakra scripting engine improperly handles objects in memory in Microsoft Edge.
- An error in Windows Text Service Framework (TSF) when the TSF server process does not validate the source of input or commands it receives.
- The Diagnostics Hub Standard Collector Service improperly impersonates certain file operations.
- The Windows Jet Database Engine improperly handles objects in memory.
- Windows Common Log File System (CLFS) driver improperly handles objects in memory.
- Active Directory Federation Services (ADFS) does not properly sanitize certain error messages.
- Windows improperly handles calls to Advanced Local Procedure Call (ALPC).
- An elevation of privilege exists in hdAudio.
- DirectWrite improperly discloses the contents of its memory.
- Windows AppX Deployment Server improperly handles junctions.
- Windows kernel fails to properly initialize a memory address.
Please see the references for more information about the vulnerabilities.
Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4512578) (OID:1.3.6.1.4.1.25623.1.0.815453)
Version used: 2020-10-29T15:35:19Z
This host is missing a critical security update according to Microsoft KB4503327
Vulnerable range: 11.0.17763.0 - 11.0.17763.556 File checked: C:\Windows\system32\Edgehtml.dll File version: 11.0.17763.1
Successful exploitation will allow an attacker to execute arbitrary code on a victim system, escalate privileges, bypass security restrictions, disclose sensitive information and cause a denial of service condition on a victim system.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
- Microsoft Windows 10 Version 1809 for 32-bit Systems
- Microsoft Windows 10 Version 1809 for x64-based Systems
- Microsoft Windows Server 2019
Multiple flaws exist due to:
- Windows kernel improperly initializes objects in memory.
- Chakra scripting engine handles objects in memory in Microsoft Edge.
- Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system.
- Windows Jet Database Engine improperly handles objects in memory.
- Windows AppX Deployment Service (AppXSVC) improperly handles hard links.
- Windows GDI component improperly discloses the contents of its memory.
- Windows Common Log File System (CLFS) driver improperly handles objects in memory.
Please see the references for more information about the vulnerabilities.
Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4503327) (OID:1.3.6.1.4.1.25623.1.0.815088)
Version used: 2020-10-29T15:35:19Z
This host is installed with Adobe Flash Player within Microsoft Edge or Internet Explorer and is prone to an use after free vulnerability.
Vulnerable range: Less than 32.0.0.192 File checked: C:\Windows\SysWOW64\Flashplayerapp.exe File version: 31.0.0.108
Successful exploitation allows attackers to conduct arbitrary code execution in the context of current user.
Solution type:VendorFix
Upgrade to Adobe Flash Player 32.0.0.192 or later. Please see the references for more information.
Adobe Flash Player prior to 32.0.0.192 within Microsoft Edge or Internet Explorer on,
Windows 10 Version 1607 for x32/x64 Edition,
Windows 10 Version 1703 for x32/x64 Edition,
Windows 10 Version 1709 for x32/x64 Edition,
Windows 10 Version 1803 for x32/x64 Edition,
Windows 10 Version 1809 for x32/x64 Edition,
Windows 10 x32/x64 Edition,
Windows 8.1 for x32/x64 Edition,
Windows Server 2012/2012 R2,
Windows Server 2016,
Windows Server 2019
The flaw exists due to an use after free error.
Checks if a vulnerable version is present on the target host.
Details: Adobe Flash Player Microsoft Edge and Internet Explorer Security Update (apsb19... (OID:1.3.6.1.4.1.25623.1.0.815061)
Version used: 2020-05-13T14:08:32Z
This host is missing a critical security update according to Microsoft KB4494441.
Vulnerable range: 11.0.17763.0 - 11.0.17763.502 File checked: C:\Windows\system32\Edgehtml.dll File version: 11.0.17763.1
Successful exploitation will allow an attacker to execute arbitrary code, escalate privileges, bypass security restrictions and disclose sensitive information on a victim system.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
- Microsoft Windows 10 Version 1809 for 32-bit Systems
- Microsoft Windows 10 Version 1809 for x64-based Systems
- Microsoft Windows Server 2019
Multiple flaws exist:
- Windows Jet Database Engine improperly handles objects in memory.
- Chakra scripting engine improperly handles objects in memory in Microsoft Edge.
- Windows Error Reporting (WER) improperly handles files.
- An error in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement.
Please see the references for more information about the vulnerabilities.
Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4494441) (OID:1.3.6.1.4.1.25623.1.0.815046)
Version used: 2020-11-19T14:17:11Z
This host is installed with Adobe Flash Player and is prone to an arbitrary code execution vulnerability.
Vulnerable range: Less than 32.0.0.445 File checked: C:\Windows\SysWOW64\Flashplayerapp.exe File version: 31.0.0.108
Successful exploitation allows attackers to execute arbitrary code.
Solution type:VendorFix
Upgrade to Adobe Flash Player 32.0.0.445 or later. Please see the references for more information.
Adobe Flash Player prior to 32.0.0.445 within Microsoft Edge or Internet Explorer on:
Windows 10 Version 1607 for x32/x64 Edition
Windows 10 Version 1703 for x32/x64 Edition
Windows 10 Version 1709 for x32/x64 Edition
Windows 10 Version 1803 for x32/x64 Edition
Windows 10 Version 1809 for x32/x64 Edition
Windows 10 Version 1903 for x32/x64 Edition
Windows 10 Version 1909 for x32/x64 Edition
Windows 10 Version 2004 for x32/x64 Edition
Windows 10 x32/x64 Edition
Windows 8.1 for x32/x64 Edition
Windows Server 2012/2012 R2
Windows Server 2016
Windows Server 2019
The flaw exists due to a null pointer dereference error.
Checks if a vulnerable version is present on the target host.
Details: Adobe Flash Player Microsoft Edge and Internet Explorer Security Update (apsb20... (OID:1.3.6.1.4.1.25623.1.0.817806)
Version used: 2021-07-08T02:00:55Z
This host is installed with Adobe Flash Player and is prone to an arbitrary code execution vulnerability.
Vulnerable range: Less than 32.0.0.330 File checked: C:\Windows\SysWOW64\Flashplayerapp.exe File version: 31.0.0.108
Successful exploitation allows attackers to execute arbitrary code.
Solution type:VendorFix
Upgrade to Adobe Flash Player 32.0.0.330 or later. Please see the references for more information.
Adobe Flash Player prior to 32.0.0.330 within Microsoft Edge or Internet Explorer on,
Windows 10 Version 1607 for x32/x64 Edition,
Windows 10 Version 1709 for x32/x64 Edition,
Windows 10 Version 1803 for x32/x64 Edition,
Windows 10 Version 1809 for x32/x64 Edition,
Windows 10 Version 1903 for x32/x64 Edition,
Windows 10 Version 1909 for x32/x64 Edition,
Windows 10 x32/x64 Edition,
Windows 8.1 for x32/x64 Edition,
Windows Server 2012/2012 R2,
Windows Server 2016,
Windows Server 2019
The flaw exists due to a type confusion issue.
Checks if a vulnerable version is present on the target host.
Details: Adobe Flash Player Microsoft Edge and Internet Explorer Security Update (apsb20... (OID:1.3.6.1.4.1.25623.1.0.815772)
Version used: 2021-07-08T11:00:45Z
This host is missing a critical security update according to Microsoft KB5001342
Vulnerable range: 11.0.17763.0 - 11.0.17763.1878 File checked: C:\Windows\system32\mshtml.dll File version: 11.0.17763.1
Successful exploitation will allow an attacker to perform remote code execution, conduct a denial-of-service condition, gain access to potentially sensitive data, bypass security restrictions, conduct spoofing and elevate privileges.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
- Microsoft Windows 10 Version 1809 for 32-bit Systems
- Microsoft Windows 10 Version 1809 for x64-based Systems
- Microsoft Windows Server 2019
Multiple flaws exist due to:
- Multiple errors in Windows Installer.
- An error in Microsoft 'Win32k' component.
- An error in Windows Media Photo Codec component.
For more information about the vulnerabilities refer to Reference links.
Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB5001342) (OID:1.3.6.1.4.1.25623.1.0.817686)
Version used: 2021-04-26T08:46:56Z
The script tries to detect Windows 'Uninstall' registry entries and 'Services' using an unquoted path containing at least one whitespace.
The following services are using an 'unquoted' service path: DisplayName|Name|PathName Claims to Windows Token Service|c2wts|C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe
A local attacker could gain elevated privileges by inserting an executable file in the path of the affected service or uninstall entry.
Solution type:Workaround
Either put the listed vulnerable paths in quotation by manually using the onboard Registry editor or contact your vendor to get an update for the specified software that fixes this vulnerability.
Software installing an 'Uninstall' registry entry or 'Service' on Microsoft Windows using an unquoted path containing at least one whitespace.
If the path contains spaces and is not surrounded by quotation marks, the Windows API has to guess where to find the referenced program. If e.g. a service is using the following unquoted path:
C:\Program Files\Folder\service.exe
then a start of the service would first try to run:
C:\Program.exe
and if not found:
C:\Program Files\Folder\service.exe
afterwards. In this example the behavior allows a local attacker with low privileges and write permissions on C:\ to place a malicious Program.exe which is then executed on a service/host restart or during the uninstallation of a software.
NOTE: Currently only 'Services' using an unquoted path are reported as a vulnerability. The 'Uninstall' vulnerability requires an Administrator / User to actively uninstall the affected software to trigger this vulnerability.
Details: Microsoft Windows Unquoted Path Vulnerability (SMB Login) (OID:1.3.6.1.4.1.25623.1.0.107303)
Version used: 2021-07-16T07:41:19Z
This host has IExpress bundled with Microsoft Windows and is prone to an untrusted search path vulnerability.
Fixed version: Workaround File checked: C:\Windows\system32\IEXPRESS.EXE File version: 11.0.17763.1
Successful exploitation will allow an attacker to execute arbitrary code with the privilege of the user invoking a vulnerable self-extracting archive file.
Solution type:Workaround
As a workaround save self-extracting archive files into a newly created directory, and confirm there are no unrelated files in the directory and make sure there are no suspicious files in the directory where self-extracting archive files are saved.
IExpress bundled with Microsoft Windows
The flaw exists due to an untrusted search path error in self-extracting archive files created by IExpress bundled with Microsoft Windows.
Check for the presence of IExpress (IEXPRESS.EXE).
Details: Windows IExpress Untrusted Search Path Vulnerability (OID:1.3.6.1.4.1.25623.1.0.813808)
Version used: 2021-06-24T02:00:31Z
This host is missing a critical security update according to Microsoft KB5004244
Vulnerable range: 11.0.17763.0 - 11.0.17763.2060 File checked: C:\Windows\system32\mshtml.dll File version: 11.0.17763.1
Successful exploitation will allow an attacker to conduct DoS, bypass security restrictions, perform remote code execution, gain access to potentially sensitive data, conduct spoofing and elevate privileges.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
- Microsoft Windows 10 Version 1809 for 32-bit Systems
- Microsoft Windows 10 Version 1809 for x64-based Systems
- Microsoft Windows Server 2019
Multiple flaws exist due to:
- An error in Windows Media.
- An error in Windows Projected File System.
- An error in Windows DNS Server.
- An error in Windows DNS Snap-in.
- An error in Windows Kernel.
For more information about the vulnerabilities refer to Reference links.
Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB5004244) (OID:1.3.6.1.4.1.25623.1.0.818341)
Version used: 2021-07-15T09:57:41Z
This host is missing a critical security update according to Microsoft KB4522015
Vulnerable range: 11.0.17763.0 - 11.0.17763.737 File checked: C:\Windows\system32\Edgehtml.dll File version: 11.0.17763.1
Successful exploitation will allow an attacker to execute arbitrary code in the context of the current user.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
Internet Explorer 11 on
Windows 10 Version 1809 x32/x64
Windows Server 2019
The flaw exists due to an error in the way that the scripting engine handles objects in memory in Internet Explorer.
Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Scripting Engine Memory Corruption Vulnerability (KB4522015) (OID:1.3.6.1.4.1.25623.1.0.815624)
Version used: 2020-10-29T15:35:19Z
This host is missing a critical security update according to Microsoft KB5003171
Vulnerable range: 10.0.17763.0 - 10.0.17763.1934 File checked: C:\Windows\system32\oleaut32.dll File version: 10.0.17763.1
Successful exploitation will allow an attacker to perform remote code execution, gain access to potentially sensitive data, conduct spoofing and elevate privileges.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
- Microsoft Windows 10 Version 1809 for 32-bit Systems
- Microsoft Windows 10 Version 1809 for x64-based Systems
- Microsoft Windows Server 2019
Multiple flaws exist due to:
- A memory corruption error in Scripting Engine.
- An error in Windows Wireless Networking.
- An error in OLE Automation.
For more information about the vulnerabilities refer to Reference links.
Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB5003171) (OID:1.3.6.1.4.1.25623.1.0.818117)
Version used: 2021-05-26T07:20:58Z
This host is installed with 'OData Library' and is prone to a denial of service vulnerability.
Fixed version: 5.8.4 File checked: c:\program files (x86)\microsoft sql server management studio 18\common7\ide\commonextensions\microsoft\ssis\150\extensions\odatasourceeferences\microsoft.data.odata.dll File version: 5.6.1.61768 Fixed version: 5.8.4 File checked: c:\program files (x86)\microsoft sql server management studio 18\common7\ide\microsoft.data.odata.dll File version: 5.6.4.62175 Fixed version: 5.8.4 File checked: c:\program files (x86)\microsoft wcf data services\5.6\bin\.netframework\microsoft.data.odata.dll File version: 5.6.0.61587 Fixed version: 5.8.4 File checked: c:\program files (x86)\microsoft wcf data services\5.6\bin\tools\microsoft.data.odata.dll File version: 5.6.0.61587 Fixed version: 5.8.4 File checked: c:\program files\microsoft office servers\16.0\webservices\shared\excelcalculationserver\datamodel\microsoft.data.odata.dll File version: 3.5.30729.50823 Fixed version: 5.8.4 File checked: c:\program files\microsoft sql server\150\dts\extensions\odatasourceeferences\microsoft.data.odata.dll File version: 5.6.1.61768 Fixed version: 5.8.4 File checked: c:\windows\microsoft.net\assembly\gac_msil\microsoft.data.odata\v4.0_5.3.0.0__31bf3856ad364e35\microsoft.data.odata.dll File version: 5.3.0.60214 Fixed version: 5.8.4 File checked: c:\windows\microsoft.net\assembly\gac_msil\microsoft.data.odata\v4.0_5.6.0.0__31bf3856ad364e35\microsoft.data.odata.dll File version: 5.6.0.61587
Successful exploitation will allow an attacker to cause a denial of service against an OData web application.
Solution type:VendorFix
Upgrade to Microsoft.Data.OData library to version 5.8.4 or later. Please see the references for more information.
Microsoft.Data.OData library
The flaw exists due to an error in how the OData web application handles web requests.
Checks if a vulnerable version is present on the target host.
Details: 'Microsoft.Data.OData' Denial of Service Vulnerability Sep18 (Windows) (OID:1.3.6.1.4.1.25623.1.0.814211)
Version used: 2021-06-24T11:00:30Z
This host is missing a critical security update according to Microsoft KB4601345
Vulnerable range: 11.0.17763.0 - 11.0.17763.1756 File checked: C:\Windows\system32\mshtml.dll File version: 11.0.17763.1
Successful exploitation allows an attacker to execute arbitrary code on a victim system, disclose sensitive information, conduct denial-of-service condition and gain elevated privileges.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
- Microsoft Windows 10 Version 1809 for 32-bit Systems
- Microsoft Windows 10 Version 1809 for x64-based Systems
- Microsoft Windows Server 2019
Multiple flaws exist due to:
- An error in Windows Fax Service.
- An error in Windows Installer.
- An error in Windows Remote Procedure Call.
- An error in Windows TCP/IP.
For more information about the vulnerabilities refer to Reference links.
Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Multiple Vulnerabilities (KB4601345) (OID:1.3.6.1.4.1.25623.1.0.818003)
Version used: 2021-03-09T09:52:25Z
This host is installed with a USB device driver software and is prone to a code execution vulnerability.
File checked for existence: C:\Windows\system32\hidserv.dll
Successful exploitation will allow user-assisted attackers to execute arbitrary programs via crafted USB data.
Solution type:Workaround
No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.
A workaround is to introduce device filtering on the target host to only allow trusted USB devices to be enabled automatically. Once this workaround is in place an Overwrite for this vulnerability can be created to mark it as a false positive.
All Microsoft Windows systems with an enabled USB device driver and no local protection mechanism against the automatic enabling of additional Human Interface Device (HID).
The flaw is due to error in USB device driver (hidserv.dll), which does not properly warn the user before enabling additional Human Interface Device (HID) functionality.
Details: MS Windows HID Functionality (Over USB) Code Execution Vulnerability (OID:1.3.6.1.4.1.25623.1.0.801581)
Version used: 2020-03-04T09:29:37Z
This host is missing a critical security update according to Microsoft KB4507419
Vulnerable range: 4.7 - 4.7.3439 File checked: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\System.workflow.runtime.dll File version: 4.7.3190.0
Successful exploitation will allow an attacker to gain elevated privileges, conduct denial-of-service condition and execute arbitrary code.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
Microsoft .NET Framework 3.5, 4.7.2 and 4.8 on Microsoft Windows 10 version 1809 and Microsoft Windows Server 2019.
Multiple flaws exist due to:
- An error in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys.
- An error when Microsoft Common Object Runtime Library improperly handles web requests.
- Because the .NET Framework fails to check the source markup of a file.
Checks if a vulnerable version is present on the target host.
Details: Microsoft .NET Framework Multiple Vulnerabilities (KB4507419) (OID:1.3.6.1.4.1.25623.1.0.815150)
Version used: 2020-10-28T08:50:02Z
This host is missing a critical security update according to Microsoft KB4566516
Vulnerable range: 4.7 - 4.7.3629 File checked: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\System.data.dll File version: 4.7.3190.0
Successful exploitation will allow an attacker to run arbitrary code in the context of the process responsible for deserialization of the XML content.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
Microsoft .NET Framework 3.5, 4.7.2 and 4.8 on Microsoft Windows 10 version 1809 and Microsoft Windows Server 2019.
The flaw exists due to an error in .NET Framework when the software fails to check the source markup of XML file input.
Checks if a vulnerable version is present on the target host.
Details: Microsoft .NET Framework Remote Code Execution Vulnerability (KB4566516) (OID:1.3.6.1.4.1.25623.1.0.817087)
Version used: 2020-07-28T07:05:49Z
This host is installed with Adobe Flash Player within Microsoft Edge or Internet Explorer and is prone to an use after free vulnerability.
Vulnerable range: Less than 32.0.0.207 File checked: C:\Windows\SysWOW64\Flashplayerapp.exe File version: 31.0.0.108
Successful exploitation allows attackers to conduct arbitrary code execution in the context of current user.
Solution type:VendorFix
Upgrade to Adobe Flash Player 32.0.0.207 or later. Please see the references for more information.
Adobe Flash Player prior to 32.0.0.207 within Microsoft Edge or Internet Explorer on,
Windows 10 Version 1607 for x32/x64 Edition,
Windows 10 Version 1703 for x32/x64 Edition,
Windows 10 Version 1709 for x32/x64 Edition,
Windows 10 Version 1803 for x32/x64 Edition,
Windows 10 Version 1809 for x32/x64 Edition,
Windows 10 x32/x64 Edition,
Windows 8.1 for x32/x64 Edition,
Windows Server 2012/2012 R2,
Windows Server 2016,
Windows Server 2019
The flaw exists due to an use after free error.
Checks if a vulnerable version is present on the target host.
Details: Adobe Flash Player Microsoft Edge and Internet Explorer Security Update (apsb19... (OID:1.3.6.1.4.1.25623.1.0.814983)
Version used: 2020-05-13T14:08:32Z
This host is missing a critical security update according to Microsoft KB4579976
Vulnerable range: 4.7 - 4.7.3700 File checked: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\System.data.dll File version: 4.7.3190.0
Successful exploitation will allow an attacker to gain access to sensitive information and run arbitrary code in the context of the process responsible for deserialization of the XML content.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
Microsoft .NET Framework 3.5, 4.7.2 and 4.8 on Microsoft Windows 10 version 1809 and Microsoft Windows Server 2019.
Multiple flaws exist due to:
- An error in .NET Framework when the software fails to check the source markup of XML file input.
- An error when the .NET Framework improperly handles objects in memory.
Checks if a vulnerable version is present on the target host.
Details: Microsoft .NET Framework Multiple Vulnerabilities (KB4579976) (OID:1.3.6.1.4.1.25623.1.0.817396)
Version used: 2020-10-26T08:11:11Z
This host is missing an important security update according to Microsoft KB4601887
Vulnerable range: 4.7 - 4.7.3769 File checked: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\System.web.dll File version: 4.7.3190.0
Successful exploitation will allow an attacker to conduct a denial of service attack.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
Microsoft .NET Framework 4.7.2 and 4.8 on Microsoft Windows 10 version 1809 and Microsoft Windows Server 2019.
The flaw exists due to an error when the .NET Framework improperly handles data.
Checks if a vulnerable version is present on the target host.
Details: Microsoft .NET Framework Denial of Service Vulnerability (KB4601887) (OID:1.3.6.1.4.1.25623.1.0.817664)
Version used: 2021-03-12T08:02:45Z
Distributed Computing Environment / Remote Procedure Calls (DCE/RPC) or MSRPC services running on the remote host can be enumerated by connecting on port 135 and doing the appropriate queries.
Here is the list of DCE/RPC or MSRPC services running on this host via the TCP protocol:
Port: 49664/tcp
UUID: d95afe70-a6d5-4259-822e-2c84da1ddb0d, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49664]
Port: 49665/tcp
UUID: 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49665]
Annotation: NRP server endpoint
UUID: 3473dd4d-2e88-4006-9cba-22570909dd10, version 5
Endpoint: ncacn_ip_tcp:192.168.99.12[49665]
Annotation: WinHttp Auto-Proxy Service
UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49665]
Annotation: DHCP Client LRPC Endpoint
UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49665]
Annotation: DHCPv6 Client LRPC Endpoint
UUID: f6beaff7-1e19-4fbb-9f8f-b89e2018337c, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49665]
Annotation: Event log TCPIP
Port: 49666/tcp
UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0
Endpoint: ncacn_ip_tcp:192.168.99.12[49666]
Annotation: RemoteAccessCheck
UUID: 12345678-1234-abcd-ef00-01234567cffb, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49666]
Named pipe : lsass
Win32 service or process : Netlogon
Description : Net Logon service
UUID: 12345778-1234-abcd-ef00-0123456789ab, version 0
Endpoint: ncacn_ip_tcp:192.168.99.12[49666]
Named pipe : lsass
Win32 service or process : lsass.exe
Description : LSA access
UUID: 12345778-1234-abcd-ef00-0123456789ac, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49666]
Named pipe : lsass
Win32 service or process : lsass.exe
Description : SAM access
UUID: 51a227ae-825b-41f2-b4a9-1ac9557a1018, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49666]
Annotation: Ngc Pop Key Service
UUID: 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49666]
Annotation: Ngc Pop Key Service
UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 2
Endpoint: ncacn_ip_tcp:192.168.99.12[49666]
Annotation: KeyIso
UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49666]
Annotation: Impl friendly name
UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2, version 4
Endpoint: ncacn_ip_tcp:192.168.99.12[49666]
Annotation: MS NT Directory DRS Interface
Port: 49668/tcp
UUID: 0d3c7f20-1c8d-4654-a1b3-51563b298bda, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49668]
Annotation: UserMgrCli
UUID: 29770a8f-829b-4158-90a2-78cd488501f7, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49668]
UUID: 2e6035b2-e8f1-41a7-a044-656b439c4c34, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49668]
Annotation: Proxy Manager provider server endpoint
UUID: 3a9ef155-691d-4449-8d05-09ad57031823, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49668]
UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49668]
Annotation: IP Transition Configuration endpoint
UUID: 86d35949-83c9-4044-b424-db363231fd0c, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49668]
UUID: b18fbab6-56f8-4702-84e0-41053293a869, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49668]
Annotation: UserMgrCli
UUID: c36be077-e14b-4fe9-8abc-e856ef4f048b, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49668]
Annotation: Proxy Manager client server endpoint
UUID: c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49668]
Annotation: Adh APIs
UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49668]
Annotation: Impl friendly name
Port: 49673/tcp
UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0
Endpoint: ncacn_http:192.168.99.12[49673]
Annotation: RemoteAccessCheck
UUID: 12345678-1234-abcd-ef00-01234567cffb, version 1
Endpoint: ncacn_http:192.168.99.12[49673]
Named pipe : lsass
Win32 service or process : Netlogon
Description : Net Logon service
UUID: 12345778-1234-abcd-ef00-0123456789ab, version 0
Endpoint: ncacn_http:192.168.99.12[49673]
Named pipe : lsass
Win32 service or process : lsass.exe
Description : LSA access
UUID: 12345778-1234-abcd-ef00-0123456789ac, version 1
Endpoint: ncacn_http:192.168.99.12[49673]
Named pipe : lsass
Win32 service or process : lsass.exe
Description : SAM access
UUID: 51a227ae-825b-41f2-b4a9-1ac9557a1018, version 1
Endpoint: ncacn_http:192.168.99.12[49673]
Annotation: Ngc Pop Key Service
UUID: 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b, version 1
Endpoint: ncacn_http:192.168.99.12[49673]
Annotation: Ngc Pop Key Service
UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 2
Endpoint: ncacn_http:192.168.99.12[49673]
Annotation: KeyIso
UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2, version 4
Endpoint: ncacn_http:192.168.99.12[49673]
Annotation: MS NT Directory DRS Interface
Port: 49674/tcp
UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0
Endpoint: ncacn_ip_tcp:192.168.99.12[49674]
Annotation: RemoteAccessCheck
UUID: 12345678-1234-abcd-ef00-01234567cffb, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49674]
Named pipe : lsass
Win32 service or process : Netlogon
Description : Net Logon service
UUID: 12345778-1234-abcd-ef00-0123456789ac, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49674]
Named pipe : lsass
Win32 service or process : lsass.exe
Description : SAM access
UUID: 51a227ae-825b-41f2-b4a9-1ac9557a1018, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49674]
Annotation: Ngc Pop Key Service
UUID: 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49674]
Annotation: Ngc Pop Key Service
UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 2
Endpoint: ncacn_ip_tcp:192.168.99.12[49674]
Annotation: KeyIso
Port: 49676/tcp
UUID: 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49676]
UUID: 12345678-1234-abcd-ef00-0123456789ab, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49676]
Named pipe : spoolss
Win32 service or process : spoolsv.exe
Description : Spooler service
UUID: 4a452661-8290-4b36-8fbe-7f4093a94978, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49676]
UUID: 76f03f96-cdfd-44fc-a22c-64950a001209, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49676]
UUID: ae33069b-a2a8-46ee-a235-ddfd339be281, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49676]
Port: 49681/tcp
UUID: 367abb81-9844-35f1-ad32-98f038001003, version 2
Endpoint: ncacn_ip_tcp:192.168.99.12[49681]
Port: 49687/tcp
UUID: 50abc2a4-574d-40b3-9d66-ee4fd5fba076, version 5
Endpoint: ncacn_ip_tcp:192.168.99.12[49687]
Named pipe : dnsserver
Win32 service or process : dns.exe
Description : DNS Server
Port: 49702/tcp
UUID: 897e2e5f-93f3-4376-9c9c-fd2277495c27, version 1
Endpoint: ncacn_ip_tcp:192.168.99.12[49702]
Annotation: Frs2 Service
Note: DCE/RPC or MSRPC services running on this host locally were identified. Reporting this list is not enabled by default due to the possible large size of this list. See the script preferences to enable this reporting.
An attacker may use this fact to gain more knowledge about the remote host.
Solution type:Mitigation
Filter incoming traffic to this ports.
Details: DCE/RPC and MSRPC Services Enumeration Reporting (OID:1.3.6.1.4.1.25623.1.0.10736)
Version used: 2017-06-13T07:06:12Z
This host is missing an important security update according to Microsoft KB4499405
Vulnerable range: 4.7 - 4.7.3415 File checked: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\system.dll File version: 4.7.3190.0
Successful exploitation will allow an attacker to cause a denial of service condition.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
Microsoft .NET Framework 3.5, 4.7.2 and 4.8 on Microsoft Windows 10 version 1809 and Microsoft Windows Server 2019.
Multiple flaws exist due to:
- Multiple errors when .NET Framework or .NET Core improperly handle web requests.
- An error when .NET Framework improperly handles objects in heap memory.
- An error when .NET Framework and .NET Core improperly process RegEx strings.
Checks if a vulnerable version is present on the target host.
Details: Microsoft .NET Framework Multiple DoS Vulnerabilities (KB4499405) (OID:1.3.6.1.4.1.25623.1.0.815109)
Version used: 2020-10-29T15:35:19Z
This host is missing an important security update according to Microsoft KB4499728.
Vulnerable range: Less than 10.0.17763.503 File checked: c:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.1_none_fa254b2e1f73e660\smiengine.dll File version: 10.0.17763.1
Successful exploitation will allow an attacker to bypass a security control or take advantage of a vulnerability.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
- Microsoft Windows 10 Version 1809 32-bit Systems
- Microsoft Windows 10 Version 1809 for x64-based Systems
Microsoft has released latest servicing stack updates that provides enhanced security as a defense in depth measure.
Checks if a vulnerable version is present on the target host.
Details: Microsoft Windows Latest Servicing Stack Updates-Defense in Depth (KB4499728) (OID:1.3.6.1.4.1.25623.1.0.815131)
Version used: 2021-05-07T12:04:10Z
This host is missing an important security update according to Microsoft KB4514601
Vulnerable range: 4.7 - 4.7.3459 File checked: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorlib.dll File version: 4.7.3190.0
Successful exploitation will allow an attacker to write files to folders that require higher privileges than what the attacker already has.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
Microsoft .NET Framework 3.5, 4.7.2 and 4.8 for Microsoft Windows 10 Version 1809 and Microsoft Windows Server 2019.
The flaw exists as .NET Framework common language runtime (CLR) allows file creation in arbitrary locations.
Checks if a vulnerable version is present on the target host
Details: Microsoft .NET Framework Privilege Escalation Vulnerability (KB4514601) (OID:1.3.6.1.4.1.25623.1.0.815610)
Version used: 2020-06-04T09:02:37Z
Host 192.168.99.28 (demo-ubuntu-18.vscan.tech)
| Scanning of this host started at: | Fri Aug 27 11:41:35 2021 UTC |
| Number of results: | 281 |
Port Summary for Host 192.168.99.28
| Service (Port) | Threat Level |
|---|---|
| 8080/tcp | Medium |
| general/tcp | High |
Security Issues for Host 192.168.99.28
The host is installed with Oracle Java SE JRE and is prone to multiple unspecified vulnerabilities.
The target host was found to be vulnerable
Successful exploitation will allow attackers to perform certain actions with escalated privileges, disclose sensitive information and compromise a user's system.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 6 update 81 and prior, 7 update 67 and prior, and 8 update 20 and prior on Linux.
Multiple flaws exist due to:
- Multiple errors related to the Deployment subcomponent.
- An XXE (Xml eXternal Entity) injection error in com/sun/org/apache/xerces/internal/impl/XMLEntityManager.java script.
- An error in windows/native/sun/awt/splashscreen/splashscreen_sys.c script related to handling of splash images.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Multiple Unspecified Vulnerabilities-02 Oct 2014 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108414)
Version used: 2020-05-12T13:57:17Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'linux' package(s) announced via the USN-4115-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.60.62
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Hui Peng and Mathias Payer discovered that the Option USB High Speed driver in the Linux kernel did not properly validate metadata received from the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2018-19985)
Zhipeng Xie discovered that an infinite loop could triggered in the CFS Linux kernel process scheduler. A local attacker could possibly use this to cause a denial of service. (CVE-2018-20784)
It was discovered that the Intel wifi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup (TDLS). A physically proximate attacker could use this to cause a denial of service (wifi disconnect). (CVE-2019-0136)
It was discovered that the Bluetooth UART implementation in the Linux kernel did not properly check for missing tty operations. A local attacker could use this to cause a denial of service. (CVE-2019-10207)
Amit Klein and Benny Pinkas discovered that the Linux kernel did not sufficiently randomize IP ID values generated for connectionless networking protocols. A remote attacker could use this to track particular Linux devices. (CVE-2019-10638)
Amit Klein and Benny Pinkas discovered that the location of kernel addresses could exposed by the implementation of connection-less network protocols in the Linux kernel. A remote attacker could possibly use this to assist in the exploitation of another vulnerability in the Linux kernel. (CVE-2019-10639)
It was discovered that an integer overflow existed in the Linux kernel when reference counting pages, leading to potential use-after-free issues. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-11487)
Jann Horn discovered that a race condition existed in the Linux kernel when performing core dumps. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2019-11599)
It was discovered that a null pointer dereference vulnerability existed in the LSI Logic MegaRAID driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-11810)
It was discovered that the GTCO tablet input driver in the Linux kernel did not properly bounds check the initial HID report sent by the device. A physically proximate attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-13631)
Praveen Pandey discovered that the Linux kernel did not properly validate sent signals in some situations on PowerPC systems with transaction ...
Description truncated. Please see the references for more information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-4115-1 (OID:1.3.6.1.4.1.25623.1.0.844156)
Version used: 2019-09-05T09:53:24Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4115-2 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.62.64
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN 4115-1 fixed vulnerabilities in the Linux 4.15 kernel for Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Unfortunately, as part of the update, a regression was introduced that caused a kernel crash when handling fragmented packets in some situations. This update addresses the issue.
We apologize for the inconvenience.
Original advisory details:
Hui Peng and Mathias Payer discovered that the Option USB High Speed driver in the Linux kernel did not properly validate metadata received from the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2018-19985)
Zhipeng Xie discovered that an infinite loop could triggered in the CFS Linux kernel process scheduler. A local attacker could possibly use this to cause a denial of service. (CVE-2018-20784)
It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup (TDLS). A physically proximate attacker could use this to cause a denial of service (Wi-Fi disconnect). (CVE-2019-0136)
It was discovered that the Bluetooth UART implementation in the Linux kernel did not properly check for missing tty operations. A local attacker could use this to cause a denial of service. (CVE-2019-10207)
Amit Klein and Benny Pinkas discovered that the Linux kernel did not sufficiently randomize IP ID values generated for connectionless networking protocols. A remote attacker could use this to track particular Linux devices. (CVE-2019-10638)
Amit Klein and Benny Pinkas discovered that the location of kernel addresses could be exposed by the implementation of connection-less network protocols in the Linux kernel. A remote attacker could possibly use this to assist in the exploitation of another vulnerability in the Linux kernel. (CVE-2019-10639)
It was discovered that an integer overflow existed in the Linux kernel when reference counting pages, leading to potential use-after-free issues. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-11487)
Jann Horn discovered that a race condition existed in the Linux kernel when performing core dumps. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2019-11599)
It was discovered that a null pointer dereference vulnerability existed in the LSI Logic MegaRAID driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-11810)
It was discovered that the GTCO tablet input driver in the Linux kernel did ...
Description truncated. Please see the references for more information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-4115-2 (OID:1.3.6.1.4.1.25623.1.0.844174)
Version used: 2019-09-16T07:48:47Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4162-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.66.68
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that the RSI 91x Wi-Fi driver in the Linux kernel did not did not handle detach operations correctly, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-21008)
The Marvell Wi-Fi device driver in the Linux kernel did not properly perform bounds checking, leading to a heap overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14814, CVE-2019-14815, CVE-2019-14816)
Matt Delco discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform bounds checking when handling coalesced MMIO write operations. A local attacker with write access to /dev/kvm could use this to cause a denial of service (system crash). (CVE-2019-14821)
Hui Peng and Mathias Payer discovered that the USB audio driver for the Linux kernel did not properly validate device meta data. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15117)
Hui Peng and Mathias Payer discovered that the USB audio driver for the Linux kernel improperly performed recursion while handling device meta data. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15118)
It was discovered that the Technisat DVB-S/S2 USB device driver in the Linux kernel contained a buffer overread. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2019-15505)
Brad Spengler discovered that a Spectre mitigation was improperly implemented in the ptrace subsystem of the Linux kernel. A local attacker could possibly use this to expose sensitive information. (CVE-2019-15902)
It was discovered that the SMB networking file system implementation in the Linux kernel contained a buffer overread. An attacker could use this to expose sensitive information (kernel memory). (CVE-2019-15918)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-4162-1 (OID:1.3.6.1.4.1.25623.1.0.844208)
Version used: 2019-10-24T06:55:50Z
The host is installed with Oracle Java SE JRE and is prone to multiple unspecified vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch
Successful exploitation will allow attackers to have an impact on confidentiality, integrity, and availability via different vectors.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 6 update 101 and prior, 7 update 85 and prior, 8 update 60 and prior on Linux.
Multiple flaws are due to multiple unspecified errors.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Multiple Unspecified Vulnerabilities-02 Oct 2015 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108399)
Version used: 2020-05-12T13:57:17Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The host is installed with Oracle Java SE JRE and is prone to multiple unspecified vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch
Successful exploitation will allow attackers to conduct a denial of service attack, man-in-the-middle attack, potentially disclose memory contents, remove or overwrite arbitrary files on the system, disclose certain directory information, bypass sandbox restrictions and potentially execute arbitrary code.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 5 update 75 and prior, 6 update 85 and prior, 7 update 72 and prior, and 8 update 25 and prior on Linux.
Multiple unspecified flaws exist due to:
- An infinite loop in the DER decoder that is triggered when handling negative length values.
- An error in the RMI component's transport implementation related to incorrect context class loader use.
- An error in the Swing component's file chooser implementation.
- An error in vm/memory/referenceProcessor.cpp related to handling of phantom object references in the Hotspot JVM garbage collector.
- An error in the Hotspot JVM related to insecure handling of temporary performance data files.
- An error in the JSSE component related to improper ChangeCipherSpec tracking during SSL/TLS handshakes.
- Two out-of-bounds read errors in the layout component that is triggered when parsing fonts.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Multiple Unspecified Vulnerabilities-04 Feb 2015 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108403)
Version used: 2020-05-12T13:57:17Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
This host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
The target host was found to be vulnerable
Successful exploitation will allow remote attackers to affect confidentiality, integrity and availability via unknown vectors.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 7 update 45 and prior, Java SE 6 update 65 and prior, Java SE 5 update 55 and prior on Linux.
Multiple unspecified vulnerabilities exists.
Please see the references for more information on the vulnerabilities.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Multiple Unspecified Vulnerabilities-03 Jan 2014 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108415)
Version used: 2020-10-19T15:33:20Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The host is installed with Oracle Java SE JRE and is prone to multiple unspecified vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch
Successful exploitation will allow attackers to gain knowledge of potentially sensitive information, conduct denial-of-service attacks, execute arbitrary code and other unspecified impact.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 5.0 update 81 and prior, 6 update 91 and prior, 7 update 76 and prior, and 8 update 40 and prior on Linux.
Multiple flaws exist due to:
- An error in the Java Cryptography Extension (JCE) subcomponent's RSA signature implementation.
- An error in the JSSE subcomponent that is triggered when checking X.509 certificate options.
- An error in the 'ReferenceProcessor::process_discovered_references' function in share/vm/memory/referenceProcessor.cpp script.
- Two unspecified errors related to the 2D subcomponent.
- An error in the Beans subcomponent related to permissions and resource loading.
- An off-by-one overflow condition in the functions 'LigatureSubstitutionProcessor::processStateEntry' and 'LigatureSubstitutionProcessor2::processStateEntry' within LigatureSubstProc.cpp and LigatureSubstProc2.cpp scripts respectively.
- An unspecified error.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Multiple Unspecified Vulnerabilities-02 Apr 2015 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108397)
Version used: 2020-05-12T13:57:17Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The host is installed with Oracle Java SE JRE and is prone to multiple unspecified vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch
Successful exploitation will allow attackers to gain escalated privileges, conduct a denial of service attack, bypass sandbox restrictions and execute arbitrary code.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 6 update 85 and prior, 7 update 72 and prior, and 8 update 25 and prior on Linux.
Multiple unspecified flaws exist due to:
- An unspecified error in the JAX-WS component related to insufficient privilege checks.
- Two unspecified errors in the Deployment component.
- An unspecified error in the 'Libraries' component.
- An error in vm/classfile/verifier.cpp script related to insufficient verification of invokespecial calls.
- A NULL pointer dereference error in the MulticastSocket implementation.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Multiple Unspecified Vulnerabilities-03 Feb 2015 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108401)
Version used: 2020-05-12T13:57:17Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
This host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
The target host was found to be vulnerable
Successful exploitation will allow remote attackers to affect confidentiality, integrity and availability via unknown vectors.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 7 update 45 and prior, Java SE 6 update 65 and prior on Linux
Multiple unspecified vulnerabilities exists.
Please see the references for more information on the vulnerabilities.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Multiple Unspecified Vulnerabilities-02 Jan 2014 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108412)
Version used: 2020-10-19T15:33:20Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
This host is installed with Oracle Java SE JRE and is prone to multiple unspecified vulnerabilities.
The target host was found to be vulnerable
Successful exploitation will allow remote attackers to execute arbitrary code or possibly other impacts.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 6 update 75 and prior, 7 update 60 and prior, and 8 update 5.0 and prior on Linux.
Multiple flaws exist:
- Two unspecified errors related to the Deployment subcomponent.
- An unspecified error in the Hotspot subcomponent related to bytecode verification.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Multiple Unspecified Vulnerabilities-03 Jul 2014 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108416)
Version used: 2020-11-19T14:17:11Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The host is installed with Oracle Java SE JRE and is prone to multiple unspecified vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch from the referenced advisory.
Successful exploitation will allow attackers to have an impact on confidentiality, integrity, and availability.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 6 update 95, 7 update 80, 8 update 45 on Linux.
Multiple errors exist due to unspecified flaws related to multiple unspecified vectors.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Multiple Unspecified Vulnerabilities-01 July 2015 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108395)
Version used: 2018-10-12T11:22:41Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The host is installed with Oracle Java SE JRE and is prone to multiple unspecified vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow attackers to have an impact on confidentiality, integrity, and availability via unknown vectors.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 6 update 105, 7 update 91, 8 update 66 and prior on Linux.
Multiple flaws are due to multiple unspecified errors.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Multiple Unspecified Vulnerabilities-01 Jan 2016 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108393)
Version used: 2020-05-12T13:57:17Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow attackers to have an impact on confidentiality, integrity and availability via different vectors.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 6 update 113 and prior, 7 update 99 and prior and 8 update 77 and prior on Linux.
Multiple flaws exist due to:
- The Security component in 'OpenJDK' failed to check the digest algorithm strength when generating DSA signatures.
- The JAXP component in 'OpenJDK' failed to properly handle Unicode surrogate pairs used as part of the XML attribute values.
- The RMI server implementation in the JMX component in 'OpenJDK' did not restrict which classes can be deserialized when deserializing authentication credentials.
- Multiple unspecified vulnerabilities.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Multiple Vulnerabilities April 2016 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108388)
Version used: 2020-10-23T13:29:00Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'perl' package(s) announced via the USN-3834-1 advisory.
Vulnerable package: perl Installed version: 5.26.1-6ubuntu0.2 Fixed version: 5.26.1-6ubuntu0.3
Solution type:VendorFix
Please install the updated package(s).
perl on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS.
Jayakrishna Menon discovered that Perl incorrectly handled Perl_my_setenv. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-18311)
Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-18312)
Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. (CVE-2018-18313)
Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-18314)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for perl USN-3834-1 (OID:1.3.6.1.4.1.25623.1.0.843844)
Version used: 2021-06-04T11:00:20Z
The remote host is missing an update for the 'git' package(s) announced via the referenced advisory.
Vulnerable package: git Installed version: 2.17.1-1ubuntu0.1 Fixed version: 1:2.17.1-1ubuntu0.3
Solution type:VendorFix
Please install the updated packages.
git on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS
It was discovered that git did not properly validate git submodule urls or paths. A remote attacker could possibly use this to craft a git repository that causes arbitrary code execution when recursive operations are used.
Checks if a vulnerable version is present on the target host.
Details: Ubuntu Update for git USN-3791-1 (OID:1.3.6.1.4.1.25623.1.0.843657)
Version used: 2021-06-04T11:00:20Z
The remote host is missing an update for the 'tcpdump' package(s) announced via the USN-4252-1 advisory.
Vulnerable package: tcpdump Installed version: 4.9.2-3 Fixed version: 4.9.3-0ubuntu0.18.04.1
Solution type:VendorFix
Please install the updated package(s).
'tcpdump' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Multiple security issues were discovered in tcpdump. A remote attacker could use these issues to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for tcpdump (USN-4252-1) (OID:1.3.6.1.4.1.25623.1.0.844311)
Version used: 2021-07-09T11:00:55Z
The remote host is missing an update for the 'rsync' package(s) announced via the USN-4292-1 advisory.
Vulnerable package: rsync Installed version: 3.1.2-2.1ubuntu1 Fixed version: 3.1.2-2.1ubuntu1.1
Solution type:VendorFix
Please install the updated package(s).
'rsync' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that rsync incorrectly handled pointer arithmetic in zlib. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-9840, CVE-2016-9841)
It was discovered that rsync incorrectly handled vectors involving left shifts of negative integers in zlib. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-9842)
It was discovered that rsync incorrectly handled vectors involving big-endian CRC calculation in zlib. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-9843)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for rsync (USN-4292-1) (OID:1.3.6.1.4.1.25623.1.0.844353)
Version used: 2021-07-13T02:01:14Z
The remote host is missing an update for the 'curl' package(s) announced via the USN-3765-1 advisory.
Vulnerable package: curl Installed version: 7.58.0-2ubuntu3.2 Fixed version: 7.58.0-2ubuntu3.3
Solution type:VendorFix
Please install the updated package(s).
curl on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS.
It was discovered that curl incorrectly handled certain inputs. An attacker could possibly use this to execute arbitrary code.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for curl USN-3765-1 (OID:1.3.6.1.4.1.25623.1.0.843701)
Version used: 2021-06-07T02:00:27Z
The remote host is missing an update for the 'curl' package(s) announced via the USN-3805-1 advisory.
Vulnerable package: curl Installed version: 7.58.0-2ubuntu3.2 Fixed version: 7.58.0-2ubuntu3.5
Solution type:VendorFix
Please install the updated package(s).
curl on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS.
Harry Sintonen discovered that curl incorrectly handled SASL authentication. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-16839)
Brian Carpenter discovered that curl incorrectly handled memory when closing certain handles. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-16840)
Brian Carpenter discovered that the curl command-line tool incorrectly handled error messages. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2018-16842)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for curl USN-3805-1 (OID:1.3.6.1.4.1.25623.1.0.843802)
Version used: 2021-06-07T02:00:27Z
The remote host is missing an update for the 'glib2.0' package(s) announced via the USN-3767-1 advisory.
Vulnerable package: libglib2.0-0 Installed version: 2.56.2-0ubuntu0.18.04.1 Fixed version: 2.56.2-0ubuntu0.18.04.2
Solution type:VendorFix
Please install the updated package(s).
glib2.0 on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS.
It was discovered that GLib incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2018-16428)
It was discovered that GLib incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. (CVE-2018-16429)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for glib2.0 USN-3767-1 (OID:1.3.6.1.4.1.25623.1.0.843711)
Version used: 2021-06-07T02:00:27Z
The remote host is missing an update for the 'vim' package(s) announced via the USN-4309-1 advisory.
Vulnerable package: vim Installed version: 8.0.1453-1ubuntu1 Fixed version: 2:8.0.1453-1ubuntu1.3 Vulnerable package: vim-common Installed version: 8.0.1453-1ubuntu1 Fixed version: 2:8.0.1453-1ubuntu1.3 Vulnerable package: vim-runtime Installed version: 8.0.1453-1ubuntu1 Fixed version: 2:8.0.1453-1ubuntu1.3
Solution type:VendorFix
Please install the updated package(s).
'vim' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that Vim incorrectly handled certain sources. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS (CVE-2017-1110)
It was discovered that Vim incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. (CVE-2017-5953)
It was discovered that Vim incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.06 LTS. (CVE-2018-20786)
It was discovered that Vim incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2019-20079)
It was discovered that Vim incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. (CVE-2017-6349, CVE-2017-6350)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for vim (USN-4309-1) (OID:1.3.6.1.4.1.25623.1.0.844372)
Version used: 2021-07-12T11:00:45Z
The remote host is missing an update for the 'git' package(s) announced via the USN-3829-1 advisory.
Vulnerable package: git Installed version: 2.17.1-1ubuntu0.1 Fixed version: 1:2.17.1-1ubuntu0.4
Solution type:VendorFix
Please install the updated package(s).
git on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS.
It was discovered that Git incorrectly handled layers of tree objects. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-15298)
It was discovered that Git incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-19486)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for git USN-3829-1 (OID:1.3.6.1.4.1.25623.1.0.843833)
Version used: 2021-06-03T11:00:21Z
The remote host is missing an update for the 'libbsd' package(s) announced via the USN-4243-1 advisory.
Vulnerable package: libbsd0 Installed version: 0.8.7-1 Fixed version: 0.8.7-1ubuntu0.1
Solution type:VendorFix
Please install the updated package(s).
'libbsd' package(s) on Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that libbsd incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM. (CVE-2016-2090)
It was discovered that libbsd incorrectly handled certain strings. An attacker could possibly use this issue to access sensitive information. (CVE-2019-20367)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for libbsd USN-4243-1 (OID:1.3.6.1.4.1.25623.1.0.844299)
Version used: 2021-07-09T02:00:48Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4227-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.74.76
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14895, CVE-2019-14901)
It was discovered that a heap-based buffer overflow existed in the Marvell Libertas WLAN Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14896, CVE-2019-14897)
It was discovered that the Fujitsu ES network device driver for the Linux kernel did not properly check for errors in some situations, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service. (CVE-2019-16231)
It was discovered that the QLogic Fibre Channel driver in the Linux kernel did not properly check for error, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-16233)
Anthony Steinhauser discovered that the Linux kernel did not properly perform Spectre_RSB mitigations to all processors for PowerPC architecture systems in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-18660)
It was discovered that the Mellanox Technologies Innova driver in the Linux kernel did not properly deallocate memory in certain failure conditions. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19045)
It was discovered that Geschwister Schneider USB CAN interface driver in the Linux kernel did not properly deallocate memory in certain failure conditions. A physically proximate attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19052)
It was discovered that the AMD Display Engine Driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attack could use this to cause a denial of service (memory exhaustion). (CVE-2019-19083)
It was discovered that the driver for memoryless force-feedback input devices in the Linux kernel contained a use-after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2019-19524)
It was discovered that the Microchip CAN BUS Analyzer driver in the Linux kernel contained a use-after-free vulnerability on device disconnect. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly exec ...
Description truncated. Please see the references for more information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-4227-1 (OID:1.3.6.1.4.1.25623.1.0.844282)
Version used: 2021-07-13T02:01:14Z
This host is installed with Oracle Java SE JRE and is prone to multiple unspecified vulnerabilities.
The target host was found to be vulnerable
Successful exploitation will allow remote attackers to update, insert, or delete certain data, execute arbitrary code, conduct denial-of-service and disclose sensitive information.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 7 update 60 and prior, and 8 update 5 and prior on Linux.
Multiple unspecified flaws exist:
- An error in the Security subcomponent related to the Elliptic Curve (EC) cryptography implementation.
- An error in the Serviceability subcomponent related to share/native/sun/management/GcInfoBuilder.c
- An error in the Libraries subcomponent related to share/classes/java/lang/invoke/MethodHandles.java
- An unspecified error related to the Deployment subcomponent.
- Two errors related to the Deployment subcomponent.
- A format string error in the Hotspot subcomponent within the EventMark constructor and destructor in share/vm/utilities/events.cpp
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Multiple Unspecified Vulnerabilities-02 Jul 2014 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108413)
Version used: 2020-11-19T14:17:11Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
This host is installed with Oracle Java SE JRE and is prone to multiple unspecified vulnerabilities.
Installed version: 1.7.0update_25 Vulnerable range: 1.7.0 - 1.7.0.60 Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow remote attackers to execute arbitrary code.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 7 update 60 and prior on Linux.
Multiple flaws exist:
- An unspecified error in the Libraries subcomponent within the 'Invokers::invokeForm' function in share/classes/java/lang/invoke/Invokers.java
- Another unspecified error related to the Libraries subcomponent in share/vm/classfile/classFileParser.hpp
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Multiple Unspecified Vulnerabilities-05 Jul 2014 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108419)
Version used: 2020-12-30T00:35:59Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The host is installed with Oracle Java SE JRE and is prone to multiple unspecified vulnerabilities.
The target host was found to be vulnerable
Successful exploitation will allow attackers to manipulate certain data and execute arbitrary code.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 7 update 67 and prior, and 8 update 20 and prior on Linux.
Multiple flaws exist due to:
- Multiple errors within the Deployment subcomponent.
- An error in the 'ClassFileParser::parse_classfile_bootstrap_methods_attribute' function in share/vm/classfile/classFileParser.cpp script.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Multiple Unspecified Vulnerabilities-03 Oct 2014 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108417)
Version used: 2020-05-12T13:57:17Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'apt' package(s) announced via the USN-3863-1 advisory.
Vulnerable package: apt Installed version: 1.6.3ubuntu0.1 Fixed version: 1.6.6ubuntu0.1
Solution type:VendorFix
Please install the updated package(s).
apt on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS.
Max Justicz discovered that APT incorrectly handled certain parameters during redirects. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for apt USN-3863-1 (OID:1.3.6.1.4.1.25623.1.0.843878)
Version used: 2019-03-18T16:34:17Z
The remote host is missing an update for the 'vim' package(s) announced via the USN-4016-1 advisory.
Vulnerable package: vim Installed version: 8.0.1453-1ubuntu1 Fixed version: 2:8.0.1453-1ubuntu1.1 Vulnerable package: vim-common Installed version: 8.0.1453-1ubuntu1 Fixed version: 2:8.0.1453-1ubuntu1.1 Vulnerable package: vim-runtime Installed version: 8.0.1453-1ubuntu1 Fixed version: 2:8.0.1453-1ubuntu1.1
Solution type:VendorFix
Please install the updated package(s).
'vim' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that Vim incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-5953)
It was discovered that Vim incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-12735)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for vim USN-4016-1 (OID:1.3.6.1.4.1.25623.1.0.844051)
Version used: 2019-06-13T11:51:34Z
The host is installed with Oracle Java SE and is prone to multiple unspecified vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow remote user to access and modify data on the target system, also can obtain elevated privileges on the target system.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 6 update 121 and prior, 7 update 111 and prior, and 8 update 102 and prior on Linux.
Multiple flaws are due to:
- A flaw in the 2D component.
- A flaw in the AWT component.
- A flaw in the Hotspot component.
- A flaw in the Networking component.
- A flaw in the JMX component.
- A flaw in the Libraries component.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Multiple Unspecified Vulnerabilities-01 Oct 2016 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108385)
Version used: 2020-05-12T13:57:17Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'linux' package(s) announced via the USN-4068-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.55.57
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS.
Adam Zabrocki discovered that the Intel i915 kernel mode graphics driver in the Linux kernel did not properly restrict mmap() ranges in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-11085)
It was discovered that a race condition leading to a use-after-free existed in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel. The RDS protocol is blacklisted by default in Ubuntu. If enabled, a local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-11815)
It was discovered that the ext4 file system implementation in the Linux kernel did not properly zero out memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2019-11833)
It was discovered that the Bluetooth Human Interface Device Protocol (HIDP) implementation in the Linux kernel did not properly verify strings were NULL terminated in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2019-11884)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-4068-1 (OID:1.3.6.1.4.1.25623.1.0.844104)
Version used: 2019-07-25T11:54:35Z
The remote host is missing an update for the 'patch' package(s) announced via the USN-4071-1 advisory.
Vulnerable package: patch Installed version: 2.7.6-2ubuntu1 Fixed version: 2.7.6-2ubuntu1.1
Solution type:VendorFix
Please install the updated package(s).
'patch' package(s) on Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. (CVE-2019-13636)
It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-13638)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for patch USN-4071-1 (OID:1.3.6.1.4.1.25623.1.0.844106)
Version used: 2019-08-08T06:47:52Z
This host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
Installed version: 1.7.0update_25 Vulnerable range: 1.7 - 1.7.0.45 Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow remote attackers to affect confidentiality, integrity and availability via unknown vectors.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 7 update 45 and prior on Linux.
Multiple unspecified vulnerabilities exist.
Please see the references for more information on the vulnerabilities.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Multiple Unspecified Vulnerabilities-01 Jan 2014 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108427)
Version used: 2020-12-30T00:35:59Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'git' package(s) announced via the USN-4220-1 advisory.
Vulnerable package: git Installed version: 2.17.1-1ubuntu0.1 Fixed version: 1:2.17.1-1ubuntu0.5
Solution type:VendorFix
Please install the updated package(s).
'git' package(s) on Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Joern Schneeweisz and Nicolas Joly discovered that Git contained various security flaws. An attacker could possibly use these issues to overwrite arbitrary paths, execute arbitrary code, and overwrite files in the .git directory.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for git USN-4220-1 (OID:1.3.6.1.4.1.25623.1.0.844267)
Version used: 2020-02-10T07:58:04Z
The host is installed with Oracle Java SE JRE and is prone to multiple unspecified vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch from the referenced advisory.
Successful exploitation will allow attackers to have an impact on confidentiality, integrity, and availability, and execute arbitrary code.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 7 update 76 and prior, and 8 update 40 and prior on Linux.
Multiple flaws exist due to two unspecified flaws related to the JavaFX subcomponent.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Multiple Unspecified Vulnerabilities-01 Apr 2015 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108409)
Version used: 2018-10-12T11:22:41Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
This host is installed with Oracle Java SE JRE and is prone to multiple unspecified vulnerabilities.
The target host was found to be vulnerable
Successful exploitation will allow remote attackers to update, insert, or delete certain data, execute arbitrary code, conduct a denial of service and disclosure of potentially sensitive information.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 5 update 65 and prior, 6 update 75 and prior, 7 update 60 and prior, and 8 update 5 and prior on Linux.
Multiple unspecified flaws exist:
- An error in the JMX subcomponent related to share/classes/com/sun/jmx/remote/security/SubjectDelegator.java
- An error related to the Hotspot subcomponent in share/vm/classfile/classFileParser.hpp
- An error in the Libraries subcomponent related to share/classes/java/lang/reflect/Proxy.java and handling of interfaces passed to proxy methods.
- An error within the Swing subcomponent related to missing access restrictions imposed by the file choosers.
- An error in the Security subcomponent related to share/classes/java/security/Provider.java and instantiation of security services with non-public constructors.
- An error in the Diffie-Hellman key agreement within the Security subcomponent related to 'validateDHPublicKey' function in share/classes/sun/security/util/KeyUtil.java
- An error in Libraries subcomponent within 'AtomicReferenceFieldUpdaterImpl' function in /java/util/concurrent/atomic/AtomicReferenceFieldUpdater.java
- An error in the Security subcomponent related to share/classes/sun/security/rsa/RSACore.java and RSA 'blinding'.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Multiple Unspecified Vulnerabilities-01 Jul 2014 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108410)
Version used: 2020-11-19T14:17:11Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The host is installed with Oracle Java SE and is prone to unspecified vulnerability.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow attackers to have an impact on confidentiality, integrity and availability via unknown vectors.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 7 update 97, 8 update 73, 8 update 74 and prior on Linux.
The flaw exists due to some unspecified error.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Unspecified Vulnerability March 2016 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108392)
Version used: 2019-05-17T10:45:27Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The host is installed with Oracle Java SE JRE and is prone to multiple unspecified vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch from the referenced advisory.
Successful exploitation will allow attackers to have an impact on confidentiality, integrity, and availability.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 7 update 80 and 8 update 45 on Linux.
Multiple errors exist due to unspecified flaws related to multiple unspecified vectors.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Multiple Unspecified Vulnerabilities-02 July 2015 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108398)
Version used: 2018-10-12T11:22:41Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'sudo' package(s) announced via the USN-4154-1 advisory.
Vulnerable package: sudo Installed version: 1.8.21p2-3ubuntu1 Fixed version: 1.8.21p2-3ubuntu1.1
Solution type:VendorFix
Please install the updated package(s).
'sudo' package(s) on Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Joe Vennix discovered that Sudo incorrectly handled certain user IDs. An attacker could potentially exploit this to execute arbitrary commands as the root user.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for sudo USN-4154-1 (OID:1.3.6.1.4.1.25623.1.0.844200)
Version used: 2019-10-28T07:58:00Z
The remote host is missing an update for the 'policykit-1' package(s) announced via the USN-3861-1 advisory.
Vulnerable package: libpolkit-backend-1-0 Installed version: 0.105-20ubuntu0.18.04.1 Fixed version: 0.105-20ubuntu0.18.04.4
Solution type:VendorFix
Please install the updated package(s).
policykit-1 on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS.
It was discovered that PolicyKit incorrectly handled certain large user UIDs. A local attacker with a large UID could possibly use this issue to perform privileged actions.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for policykit-1 USN-3861-1 (OID:1.3.6.1.4.1.25623.1.0.843874)
Version used: 2019-03-18T16:34:17Z
The host is installed with Oracle Java SE and is prone to a remote privilege escalation vulnerability.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow remote attackers to gain elevated privileges.
Solution type:VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.
Oracle Java SE version 1.8.0.172 and earlier, 1.7.0.181 and earlier, 1.6.0.191 and earlier on Linux
The flaw exists due to an unspecified error in 'Java DB' component.
Check if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates-01 (jul2018-4258247) Linux (OID:1.3.6.1.4.1.25623.1.0.813681)
Version used: 2021-06-30T02:00:35Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'linux' package(s) announced via the USN-4591-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.122.109
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information (kernel memory). (CVE-2020-12352)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4591-1) (OID:1.3.6.1.4.1.25623.1.0.844663)
Version used: 2021-07-12T02:00:56Z
The remote host is missing an update for the 'icu' package(s) announced via the USN-4305-1 advisory.
Vulnerable package: libicu60 Installed version: 60.2-3ubuntu3 Fixed version: 60.2-3ubuntu3.1
Solution type:VendorFix
Please install the updated package(s).
'icu' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
André Bargull discovered that ICU incorrectly handled certain strings. An attacker could possibly use this issue to execute arbitrary code.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for icu (USN-4305-1) (OID:1.3.6.1.4.1.25623.1.0.844366)
Version used: 2021-07-13T02:01:14Z
The remote host is missing an update for the 'sqlite3' package(s) announced via the USN-4298-1 advisory.
Vulnerable package: libsqlite3-0 Installed version: 3.22.0-1 Fixed version: 3.22.0-1ubuntu0.3
Solution type:VendorFix
Please install the updated package(s).
'sqlite3' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that SQLite incorrectly handled certain shadow tables. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-13734, CVE-2019-13750, CVE-2019-13753)
It was discovered that SQLite incorrectly handled certain corrupt records. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-13751)
It was discovered that SQLite incorrectly handled certain queries. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.10. (CVE-2019-19880)
It was discovered that SQLite incorrectly handled certain queries. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2019-19923)
It was discovered that SQLite incorrectly handled parser tree rewriting. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.10. (CVE-2019-19924)
It was discovered that SQLite incorrectly handled certain ZIP archives. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2019-19925, CVE-2019-19959)
It was discovered that SQLite incorrectly handled errors during parsing. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-19926)
It was discovered that SQLite incorrectly handled parsing errors. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-20218)
It was discovered that SQLite incorrectly handled generated column optimizations. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2020-9327)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for sqlite3 (USN-4298-1) (OID:1.3.6.1.4.1.25623.1.0.844360)
Version used: 2021-07-13T02:01:14Z
The remote host is missing an update for the 'perl' package(s) announced via the USN-4602-1 advisory.
Vulnerable package: perl Installed version: 5.26.1-6ubuntu0.2 Fixed version: 5.26.1-6ubuntu0.5
Solution type:VendorFix
Please install the updated package(s).
'perl' package(s) on Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
ManhND discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-10543)
Hugo van der Sanden and Slaven Rezic discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-10878)
Sergey Aleynikov discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-12723)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for perl (USN-4602-1) (OID:1.3.6.1.4.1.25623.1.0.844677)
Version used: 2021-07-12T02:00:56Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-3820-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.39.41
Solution type:VendorFix
Please install the updated package(s).
linux on Ubuntu 18.04 LTS.
Felix Wilhelm discovered that the Xen netback driver in the Linux kernel did not properly perform input validation in some situations. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-15471)
It was discovered that the generic SCSI driver in the Linux kernel did not properly enforce permissions on kernel memory access. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2017-13168)
It was discovered that an integer overflow existed in the CD-ROM driver of the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2018-16658)
It was discovered that an integer overflow existed in the HID Bluetooth implementation in the Linux kernel that could lead to a buffer overwrite. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-9363)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-3820-1 (OID:1.3.6.1.4.1.25623.1.0.843825)
Version used: 2021-06-07T02:00:27Z
The remote host is missing an update for the 'dnsmasq' package(s) announced via the USN-4698-2 advisory.
Vulnerable package: dnsmasq-base Installed version: 2.79-1 Fixed version: 2.79-1ubuntu0.3
Solution type:VendorFix
Please install the updated package(s).
'dnsmasq' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN-4698-1 fixed vulnerabilities in Dnsmasq. The updates introduced regressions in certain environments related to issues with multiple queries, and issues with retries. This update fixes the problem.
Original advisory details:
Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled memory when sorting RRsets. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-25681, CVE-2020-25687) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled extracting certain names. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-25682, CVE-2020-25683) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented address/port checks. A remote attacker could use this issue to perform a cache poisoning attack. (CVE-2020-25684) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented query resource name checks. A remote attacker could use this issue to perform a cache poisoning attack. (CVE-2020-25685) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled multiple query requests for the same resource name. A remote attacker could use this issue to perform a cache poisoning attack. (CVE-2020-25686) It was discovered that Dnsmasq incorrectly handled memory during DHCP response creation. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2019-14834)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for dnsmasq (USN-4698-2) (OID:1.3.6.1.4.1.25623.1.0.844845)
Version used: 2021-03-01T04:08:26Z
The host is installed with Oracle Java SE and is prone to privilege escalation vulnerability.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow remote attackers to gain elevated privileges.
Solution type:VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.
Oracle Java SE version 1.7.0 to 1.7.0.191 and 1.8.0 to 1.8.0.182 and 11 on Linux.
The flaw exists due to an error in the Hotspot component.
Check if a vulnerable version is present on the target host.
Details: Oracle Java SE Privilege Escalation Vulnerability (oct2018-4428296)-Linux (OID:1.3.6.1.4.1.25623.1.0.814403)
Version used: 2021-06-30T02:00:35Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'linux' package(s) announced via the USN-4094-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.58.60
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. (CVE-2018-13053)
Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track inode validations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service (system crash). (CVE-2018-13093)
The f2fs file system implementation in the Linux kernel did not properly validate metadata. An attacker could use this to construct a malicious f2fs image that, when mounted, could cause a denial of service (system crash). (CVE-2018-13097, CVE-2018-13099, CVE-2018-13100, CVE-2018-14614, CVE-2018-14616, CVE-2018-13096, CVE-2018-13098, CVE-2018-14615)
btrfs file system implementation in the Linux kernel did not properly validate metadata. An attacker could use this to construct a malicious btrfs image that, when mounted, could cause a denial of service (system crash). (CVE-2018-14610, CVE-2018-14611, CVE-2018-14612, CVE-2018-14613, CVE-2018-14609)
Wen Xu discovered that the HFS+ filesystem implementation in the Linux kernel did not properly handle malformed catalog data in some situations. An attacker could use this to construct a malicious HFS+ image that, when mounted, could cause a denial of service (system crash). (CVE-2018-14617)
Vasily Averin and Pavel Tikhomirov discovered that the cleancache subsystem of the Linux kernel did not properly initialize new files in some situations. A local attacker could use this to expose sensitive information. (CVE-2018-16862)
Hui Peng and Mathias Payer discovered that the USB subsystem in the Linux kernel did not properly handle size checks when handling an extra USB descriptor. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2018-20169)
It was discovered that a use-after-free error existed in the block layer subsystem of the Linux kernel when certain failure conditions occurred. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-20856)
Eli Biham and Lior Neumann discovered that the Bluetooth implementation in the Linux kernel did not properly validate elliptic curve parameters during Diffie-Hellman key exchange in some situations. An attacker could use this to expose sensitive information. (CVE-2018-5383)
It was discovered that a heap buffer overflow existed in the Marvell Wireless ...
Description truncated. Please see the references for more information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-4094-1 (OID:1.3.6.1.4.1.25623.1.0.844133)
Version used: 2019-08-14T07:16:43Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4185-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.69.71
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135)
It was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2019-0155)
Deepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2018-12207)
It was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service. (CVE-2019-0154)
Hui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the Linux kernel did not properly validate endpoint descriptors returned by the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15098)
Ori Nimron discovered that the AX25 network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17052)
Ori Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17053)
Ori Nimron discovered that the Appletalk network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17054)
Ori Nimron discovered that the modular ISDN network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17055)
Ori Nimron discovered that the Near field Communication (NFC) network protocol implementation in ...
Description truncated. Please see the references for more information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-4185-1 (OID:1.3.6.1.4.1.25623.1.0.844230)
Version used: 2019-11-29T08:04:17Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4185-3 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.70.72
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN-4185-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables (EPT) are disabled or not supported. This update addresses both issues.
We apologize for the inconvenience.
Original advisory details:
Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135)
It was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2019-0155)
Deepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2018-12207)
It was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service. (CVE-2019-0154)
Hui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the Linux kernel did not properly validate endpoint descriptors returned by the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15098)
Ori Nimron discovered that the AX25 network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17052)
Ori Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17053)
Ori Nimron discovered that the Appletalk network protocol implementation in the Linux kernel di ...
Description truncated. Please see the references for more information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-4185-3 (OID:1.3.6.1.4.1.25623.1.0.844234)
Version used: 2019-11-29T08:04:17Z
The host is installed with Oracle Java SE and is prone to a privilege escalation vulnerability.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow remote attackers to gain elevated privileges.
Solution type:VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.
Oracle Java SE version 10.0 through 10.0.1 and 1.8.0.172 and earlier, 1.7.0.181 and earlier on Linux.
The flaw is due to an unspecified error in the JavaFX component.
Check if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates-05 (jul2018-4258247) Linux (OID:1.3.6.1.4.1.25623.1.0.813689)
Version used: 2021-06-30T02:00:35Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow remote attackers to affect confidentiality and integrity via unknown vectors.
Solution type:VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.
Oracle Java SE version 1.8.0.162 and earlier, 1.6.0.181 and earlier, 1.7.0.171 and earlier, 10.0 on Linux.
Multiple flaws are due to multiple unspecified errors in 'Hotspot', 'Security', 'AWT', 'JMX' and 'Serialization' Java SE components
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (apr2018-3678067) 04 - Linux (OID:1.3.6.1.4.1.25623.1.0.813310)
Version used: 2021-06-30T02:00:35Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'dnsmasq' package(s) announced via the USN-4698-1 advisory.
Vulnerable package: dnsmasq-base Installed version: 2.79-1 Fixed version: 2.79-1ubuntu0.2
Solution type:VendorFix
Please install the updated package(s).
'dnsmasq' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled memory when sorting RRsets. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-25681, CVE-2020-25687)
Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled extracting certain names. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-25682, CVE-2020-25683)
Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented address/port checks. A remote attacker could use this issue to perform a cache poisoning attack. (CVE-2020-25684)
Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented query resource name checks. A remote attacker could use this issue to perform a cache poisoning attack. (CVE-2020-25685)
Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled multiple query requests for the same resource name. A remote attacker could use this issue to perform a cache poisoning attack. (CVE-2020-25686)
It was discovered that Dnsmasq incorrectly handled memory during DHCP response creation. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2019-14834)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for dnsmasq (USN-4698-1) (OID:1.3.6.1.4.1.25623.1.0.844792)
Version used: 2021-02-02T09:53:24Z
The remote host is missing an update for the 'grub2' package(s) announced via the USN-4432-2 advisory.
Vulnerable package: grub-efi-amd64-bin Installed version: 2.02-2ubuntu8.4 Fixed version: 2.02-2ubuntu8.17 Vulnerable package: grub-efi-amd64-signed Installed version: 1.93.5+2.02-2ubuntu8.4 Fixed version: 1.93.19+2.02-2ubuntu8.17
Solution type:VendorFix
Please install the updated package(s).
'grub2' package(s) on Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN-4432-1 fixed vulnerabilities in GRUB2 affecting Secure Boot environments. Unfortunately, the update introduced regressions for some BIOS systems (either pre-UEFI or UEFI configured in Legacy mode), preventing them from successfully booting. This update addresses the issue.
Users with BIOS systems that installed GRUB2 versions from USN-4432-1 should verify that their GRUB2 installation has a correct understanding of their boot device location and installed the boot loader correctly.
We apologize for the inconvenience.
Original advisory details:
Jesse Michael and Mickey Shkatov discovered that the configuration parser in GRUB2 did not properly exit when errors were discovered, resulting in heap-based buffer overflows. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-10713)
Chris Coulson discovered that the GRUB2 function handling code did not properly handle a function being redefined, leading to a use-after-free vulnerability. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-15706)
Chris Coulson discovered that multiple integer overflows existed in GRUB2 when handling certain filesystems or font files, leading to heap-based buffer overflows. A local attacker could use these to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-14309, CVE-2020-14310, CVE-2020-14311)
It was discovered that the memory allocator for GRUB2 did not validate allocation size, resulting in multiple integer overflows and heap-based buffer overflows when handling certain filesystems, PNG images or disk metadata. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-14308)
Mathieu Trudel-Lapierre discovered that in certain situations, GRUB2 failed to validate kernel signatures. A local attacker could use this to bypass Secure Boot restrictions. (CVE-2020-15705)
Colin Watson and Chris Coulson discovered that an integer overflow existed in GRUB2 when handling the initrd command, leading to a heap-based buffer overflow. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-15707)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for grub2 (USN-4432-2) (OID:1.3.6.1.4.1.25623.1.0.844526)
Version used: 2021-07-12T11:00:45Z
The remote host is missing an update for the 'grub2' package(s) announced via the USN-4432-1 advisory.
Vulnerable package: grub-efi-amd64-bin Installed version: 2.02-2ubuntu8.4 Fixed version: 2.02-2ubuntu8.16 Vulnerable package: grub-efi-amd64-signed Installed version: 1.93.5+2.02-2ubuntu8.4 Fixed version: 1.93.18+2.02-2ubuntu8.16
Solution type:VendorFix
Please install the updated package(s).
'grub2' package(s) on Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Jesse Michael and Mickey Shkatov discovered that the configuration parser in GRUB2 did not properly exit when errors were discovered, resulting in heap-based buffer overflows. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-10713)
Chris Coulson discovered that the GRUB2 function handling code did not properly handle a function being redefined, leading to a use-after-free vulnerability. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-15706)
Chris Coulson discovered that multiple integer overflows existed in GRUB2 when handling certain filesystems or font files, leading to heap-based buffer overflows. A local attacker could use these to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-14309, CVE-2020-14310, CVE-2020-14311)
It was discovered that the memory allocator for GRUB2 did not validate allocation size, resulting in multiple integer overflows and heap-based buffer overflows when handling certain filesystems, PNG images or disk metadata. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-14308)
Mathieu Trudel-Lapierre discovered that in certain situations, GRUB2 failed to validate kernel signatures. A local attacker could use this to bypass Secure Boot restrictions. (CVE-2020-15705)
Colin Watson and Chris Coulson discovered that an integer overflow existed in GRUB2 when handling the initrd command, leading to a heap-based buffer overflow. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-15707)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for grub2 (USN-4432-1) (OID:1.3.6.1.4.1.25623.1.0.844519)
Version used: 2021-07-09T02:00:48Z
The remote host is missing an update for the 'busybox' package(s) announced via the USN-4531-1 advisory.
Vulnerable package: busybox-initramfs Installed version: 1.27.2-2ubuntu3 Fixed version: 1:1.27.2-2ubuntu3.3 Vulnerable package: busybox-static Installed version: 1.27.2-2ubuntu3 Fixed version: 1:1.27.2-2ubuntu3.3
Solution type:VendorFix
Please install the updated package(s).
'busybox' package(s) on Ubuntu 20.04 LTS, Ubuntu 18.04 LTS.
It was discovered that the BusyBox wget applet incorrectly validated SSL certificates. A remote attacker could possibly use this issue to intercept secure communications.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for busybox (USN-4531-1) (OID:1.3.6.1.4.1.25623.1.0.844602)
Version used: 2021-07-12T11:00:45Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-3981-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.50.52
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS.
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2018-12130)
Brandon Falk, Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Stephan van Schaik, Alyssa Milburn, Sebastian sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida discovered that memory previously stored in microarchitectural load ports of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2018-12127)
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Marina Minkin, Daniel Moghimi, Moritz Lipp, Michael Schwarz, Jo Van Bulck, Daniel Genkin, Daniel Gruss, Berk Sunar, Frank Piessens, and Yuval Yarom discovered that memory previously stored in microarchitectural store buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2018-12126)
Vasily Averin and Evgenii Shatokhin discovered that a use-after-free vulnerability existed in the NFS41+ subsystem when multiple network namespaces are in use. A local attacker in a container could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-16884)
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Volodrmyr Pikhur, Moritz Lipp, Michael Schwarz, Daniel Gruss, Stephan van Schaik, Alyssa Milburn, Sebastian sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida discovered that uncacheable memory previously stored in microarchitectural buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11091)
Matteo Croce, Natale Vinto, and Andrea Spagnolo discovered that the cgroups subsystem of the Linux kernel did not properly account for SCTP socket buffers. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-3874)
Alex Williamson discovered that the vfio subsystem of the Linux kernel did not properly limit DMA mappings. A local attacker co ...
Description truncated. Please see the references for more information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-3981-1 (OID:1.3.6.1.4.1.25623.1.0.844009)
Version used: 2020-02-03T08:05:42Z
The remote host is missing an update for the 'apport' package(s) announced via the USN-4171-5 advisory.
Vulnerable package: apport Installed version: 2.20.9-0ubuntu7.3 Fixed version: 2.20.9-0ubuntu7.12 Vulnerable package: python3-apport Installed version: 2.20.9-0ubuntu7.3 Fixed version: 2.20.9-0ubuntu7.12
Solution type:VendorFix
Please install the updated package(s).
'apport' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN-4171-1 fixed vulnerabilities in Apport. This caused a regression in autopkgtest and python2 compatibility. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly crash Apport or have other unspecified consequences. (CVE-2019-11481)
Sander Bos discovered a race-condition in Apport during core dump creation. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. (CVE-2019-11482)
Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. (CVE-2019-11483)
Sander Bos discovered Apport mishandled lock-file creation. This could be used by a local attacker to cause a denial of service against Apport. (CVE-2019-11485)
Kevin Backhouse discovered Apport read various process-specific files with elevated privileges during crash dump generation. This could could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. (CVE-2019-15790)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for apport (USN-4171-5) (OID:1.3.6.1.4.1.25623.1.0.844367)
Version used: 2021-07-12T02:00:56Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-3931-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.47.49
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS.
M. Vefa Bicakci and Andy Lutomirski discovered that the kernel did not properly set up all arguments to an error handler callback used when running as a paravirtualized guest. An unprivileged attacker in a paravirtualized guest VM could use this to cause a denial of service (guest VM crash). (CVE-2018-14678)
It was discovered that the KVM implementation in the Linux kernel on ARM 64bit processors did not properly handle some ioctls. An attacker with the privilege to create KVM-based virtual machines could use this to cause a denial of service (host system crash) or execute arbitrary code in the host. (CVE-2018-18021)
Mathias Payer and Hui Peng discovered a use-after-free vulnerability in the Advanced Linux Sound Architecture (ALSA) subsystem. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2018-19824)
Shlomi Oberman, Yuli Shapiro, and Ran Menscher discovered an information leak in the Bluetooth implementation of the Linux kernel. An attacker within Bluetooth range could use this to expose sensitive information (kernel memory). (CVE-2019-3459, CVE-2019-3460)
Jann Horn discovered that the KVM implementation in the Linux kernel contained a use-after-free vulnerability. An attacker in a guest VM with access to /dev/kvm could use this to cause a denial of service (guest VM crash). (CVE-2019-6974)
Jim Mattson and Felix Wilhelm discovered a use-after-free vulnerability in the KVM subsystem of the Linux kernel, when using nested virtual machines. A local attacker in a guest VM could use this to cause a denial of service (system crash) or possibly execute arbitrary code in the host system. (CVE-2019-7221)
Felix Wilhelm discovered that an information leak vulnerability existed in the KVM subsystem of the Linux kernel, when nested virtualization is used. A local attacker could use this to expose sensitive information (host system memory to a guest VM). (CVE-2019-7222)
Jann Horn discovered that the eBPF implementation in the Linux kernel was insufficiently hardened against Spectre V1 attacks. A local attacker could use this to expose sensitive information. (CVE-2019-7308)
It was discovered that a use-after-free vulnerability existed in the user- space API for crypto (af_alg) implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-8912)
It was discovered that the Linux kernel did not properly deallocate memory when handling certain errors while reading files. A local attacker could use this to cause a denial of service (excessive memory consumpti ...
Description truncated. Please see the references for more information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-3931-1 (OID:1.3.6.1.4.1.25623.1.0.843954)
Version used: 2019-04-26T08:24:31Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4363-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.101.91
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-11494)
It was discovered that the linux kernel did not properly validate certain mount options to the tmpfs virtual memory file system. A local attacker with the ability to specify mount options could use this to cause a denial of service (system crash). (CVE-2020-11565)
David Gibson discovered that the Linux kernel on Power9 CPUs did not properly save and restore Authority Mask registers state in some situations. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2020-11669)
It was discovered that the block layer in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2020-12657)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4363-1) (OID:1.3.6.1.4.1.25623.1.0.844434)
Version used: 2021-07-09T11:00:55Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4255-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.76.78
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS.
It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. (CVE-2019-14615)
It was discovered that a race condition can lead to a use-after-free while destroying GEM contexts in the i915 driver for the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-7053)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4255-1) (OID:1.3.6.1.4.1.25623.1.0.844312)
Version used: 2021-07-13T02:01:14Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4144-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.65.67
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that the XFS file system in the Linux kernel did not properly handle mount failures in some situations. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2018-20976)
Benjamin Moody discovered that the XFS file system in the Linux kernel did not properly handle an error condition when out of disk quota. A local attacker could possibly use this to cause a denial of service. (CVE-2019-15538)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-4144-1 (OID:1.3.6.1.4.1.25623.1.0.844191)
Version used: 2019-10-04T07:25:00Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4017-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.52.54
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Jonathan Looney discovered that the TCP retransmission queue implementation in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. (CVE-2019-11478)
Jonathan Looney discovered that an integer overflow existed in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service (system crash). (CVE-2019-11477)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-4017-1 (OID:1.3.6.1.4.1.25623.1.0.844053)
Version used: 2019-06-25T09:45:07Z
The remote host is missing an update for the 'expat' package(s) announced via the USN-4040-1 advisory.
Vulnerable package: libexpat1 Installed version: 2.2.5-3 Fixed version: 2.2.5-3ubuntu0.1
Solution type:VendorFix
Please install the updated package(s).
'expat' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to cause a denial of service.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for expat USN-4040-1 (OID:1.3.6.1.4.1.25623.1.0.844072)
Version used: 2019-06-27T06:30:18Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4578-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.121.108
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Hador Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-16119)
Wen Xu discovered that the XFS file system in the Linux kernel did not properly validate inode metadata in some situations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service (system crash). (CVE-2018-10322)
It was discovered that the btrfs file system in the Linux kernel contained a use-after-free vulnerability when merging free space. An attacker could use this to construct a malicious btrfs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2019-19448)
Jay Shin discovered that the ext4 file system implementation in the Linux kernel did not properly handle directory access with broken indexing, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-14314)
Giuseppe Scrivano discovered that the overlay file system in the Linux kernel did not properly perform permission checks in some situations. A local attacker could possibly use this to bypass intended restrictions and gain read access to restricted files. (CVE-2020-16120)
It was discovered that the NFS client implementation in the Linux kernel did not properly perform bounds checking before copying security labels in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-25212)
It was discovered that the NFC implementation in the Linux kernel did not properly perform permissions checks when opening raw sockets. A local attacker could use this to create or listen to NFC traffic. (CVE-2020-26088)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4578-1) (OID:1.3.6.1.4.1.25623.1.0.844647)
Version used: 2021-07-09T02:00:48Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-3847-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.43.45
Solution type:VendorFix
Please install the updated package(s).
Note: According to the USN the package names for this update where changed from e.g. linux-image-4.15.0-42-generic to linux-image-4.15.0-43-generic. Due to this please make sure to install the kernel package containing the -43- part within its name.
linux on Ubuntu 18.04 LTS.
It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10902)
It was discovered that an integer overrun vulnerability existed in the POSIX timers implementation in the Linux kernel. A local attacker could use this to cause a denial of service. (CVE-2018-12896)
Noam Rathaus discovered that a use-after-free vulnerability existed in the Infiniband implementation in the Linux kernel. An attacker could use this to cause a denial of service (system crash). (CVE-2018-14734)
It was discovered that the YUREX USB device driver for the Linux kernel did not properly restrict user space reads or writes. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-16276)
It was discovered that the BPF verifier in the Linux kernel did not correctly compute numeric bounds in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-18445)
Kanda Motohiro discovered that writing extended attributes to an XFS file system in the Linux kernel in certain situations could cause an error condition to occur. A local attacker could use this to cause a denial of service. (CVE-2018-18690)
It was discovered that an integer overflow vulnerability existed in the CDROM driver of the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2018-18710)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-3847-1 (OID:1.3.6.1.4.1.25623.1.0.843856)
Version used: 2021-06-04T02:00:20Z
The remote host is missing an update for the 'sudo' package(s) announced via the USN-4263-1 advisory.
Vulnerable package: sudo Installed version: 1.8.21p2-3ubuntu1 Fixed version: 1.8.21p2-3ubuntu1.2
Solution type:VendorFix
Please install the updated package(s).
'sudo' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Joe Vennix discovered that Sudo incorrectly handled memory operations when the pwfeedback option is enabled. A local attacker could possibly use this issue to obtain unintended access to the administrator account.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for sudo (USN-4263-1) (OID:1.3.6.1.4.1.25623.1.0.844323)
Version used: 2021-07-12T02:00:56Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4210-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.72.74
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that a buffer overflow existed in the 802.11 Wi-Fi configuration interface for the Linux kernel when handling beacon settings. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-16746)
Nicolas Waisman discovered that the WiFi driver stack in the Linux kernel did not properly validate SSID lengths. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-17133)
It was discovered that the ADIS16400 IIO IMU Driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19060)
It was discovered that the Intel OPA Gen1 Infiniband Driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19065)
It was discovered that the Cascoda CA8210 SPI 802.15.4 wireless controller driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19075)
Nicolas Waisman discovered that the Chelsio T4/T5 RDMA Driver for the Linux kernel performed DMA from a kernel stack. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-17075)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-4210-1 (OID:1.3.6.1.4.1.25623.1.0.844258)
Version used: 2019-12-10T07:34:00Z
The remote host is missing an update for the 'json-c' package(s) announced via the USN-4360-1 advisory.
Vulnerable package: libjson-c3 Installed version: 0.12.1-1.3 Fixed version: 0.12.1-1.3ubuntu0.1
Solution type:VendorFix
Please install the updated package(s).
'json-c' package(s) on Ubuntu 20.04 LTS, Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that json-c incorrectly handled certain JSON files. An attacker could possibly use this issue to execute arbitrary code.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for json-c (USN-4360-1) (OID:1.3.6.1.4.1.25623.1.0.844431)
Version used: 2021-07-09T11:00:55Z
The remote host is missing an update for the 'json-c' package(s) announced via the USN-4360-4 advisory.
Vulnerable package: libjson-c3 Installed version: 0.12.1-1.3 Fixed version: 0.12.1-1.3ubuntu0.3
Solution type:VendorFix
Please install the updated package(s).
'json-c' package(s) on Ubuntu 20.04 LTS, Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN-4360-1 fixed a vulnerability in json-c. The security fix introduced a memory leak that was reverted in USN-4360-2 and USN-4360-3. This update provides the correct fix update for CVE-2020-12762.
Original advisory details:
It was discovered that json-c incorrectly handled certain JSON files. An attacker could possibly use this issue to execute arbitrary code.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for json-c (USN-4360-4) (OID:1.3.6.1.4.1.25623.1.0.844449)
Version used: 2021-07-09T11:00:55Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4404-2 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.108.96
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 20.04 LTS, Ubuntu 19.10, Ubuntu 18.04 LTS.
USN-4404-1 fixed vulnerabilities in the NVIDIA graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules.
Original advisory details:
Thomas E. Carroll discovered that the NVIDIA Cuda grpahics driver did not properly perform access control when performing IPC. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2020-5963)
It was discovered that the UVM driver in the NVIDIA graphics driver contained a race condition. A local attacker could use this to cause a denial of service. (CVE-2020-5967)
It was discovered that the NVIDIA virtual GPU guest drivers contained an unspecified vulnerability that could potentially lead to privileged operation execution. An attacker could use this to cause a denial of service. (CVE-2020-5973)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4404-2) (OID:1.3.6.1.4.1.25623.1.0.844478)
Version used: 2021-07-09T02:00:48Z
The remote host is missing an update for the 'apport' package(s) announced via the USN-4171-6 advisory.
Vulnerable package: apport Installed version: 2.20.9-0ubuntu7.3 Fixed version: 2.20.9-0ubuntu7.20 Vulnerable package: python3-apport Installed version: 2.20.9-0ubuntu7.3 Fixed version: 2.20.9-0ubuntu7.20
Solution type:VendorFix
Please install the updated package(s).
'apport' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression when handling configuration files. This update fixes the problem, and also introduces further hardening measures.
Original advisory details:
Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly crash Apport or have other unspecified consequences. (CVE-2019-11481) Sander Bos discovered a race-condition in Apport during core dump creation. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. (CVE-2019-11482) Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. (CVE-2019-11483) Sander Bos discovered Apport mishandled lock-file creation. This could be used by a local attacker to cause a denial of service against Apport. (CVE-2019-11485) Kevin Backhouse discovered Apport read various process-specific files with elevated privileges during crash dump generation. This could could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. (CVE-2019-15790)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for apport (USN-4171-6) (OID:1.3.6.1.4.1.25623.1.0.844715)
Version used: 2021-07-09T02:00:48Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4414-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.109.97
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that the network block device (nbd) implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-16089)
It was discovered that the btrfs file system implementation in the Linux kernel did not properly validate file system metadata in some situations. An attacker could use this to construct a malicious btrfs image that, when mounted, could cause a denial of service (system crash). (CVE-2019-19036, CVE-2019-19318, CVE-2019-19813, CVE-2019-19816)
It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service (system crash). (CVE-2019-19377)
It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly check return values in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-19462)
Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service (system crash). (CVE-2020-10711)
It was discovered that the SCSI generic (sg) driver in the Linux kernel did not properly handle certain error conditions correctly. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2020-12770)
It was discovered that the USB Gadget device driver in the Linux kernel did not validate arguments passed from configfs in some situations. A local attacker could possibly use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2020-13143)
It was discovered that the efi subsystem in the Linux kernel did not handle memory allocation failures during early boot in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-12380)
It was discovered that the btrfs file system in the Linux kernel in some error conditions could report register information to the dmesg buffer. A local attacker could possibly use this to expose sensitive information. (CVE-2019-19039)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4414-1) (OID:1.3.6.1.4.1.25623.1.0.844482)
Version used: 2021-07-12T11:00:45Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4489-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.117.104
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Or Cohen discovered that the AF_PACKET implementation in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4489-1) (OID:1.3.6.1.4.1.25623.1.0.844568)
Version used: 2021-07-09T11:00:55Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4485-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.115.103
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Timothy Michaud discovered that the i915 graphics driver in the Linux kernel did not properly validate user memory locations for the i915_gem_execbuffer2_ioctl. A local attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2018-20669)
It was discovered that the Kvaser CAN/USB driver in the Linux kernel did not properly initialize memory in certain situations. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-19947)
Chuhong Yuan discovered that go7007 USB audio device driver in the Linux kernel did not properly deallocate memory in some failure conditions. A physically proximate attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-20810)
It was discovered that the elf handling code in the Linux kernel did not initialize memory before using it in certain situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2020-10732)
It was discovered that the Linux kernel did not correctly apply Speculative Store Bypass Disable (SSBD) mitigations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-10766)
It was discovered that the Linux kernel did not correctly apply Indirect Branch Predictor Barrier (IBPB) mitigations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-10767)
It was discovered that the Linux kernel could incorrectly enable Indirect Branch Speculation after it has been disabled for a process via a prctl() call. A local attacker could possibly use this to expose sensitive information. (CVE-2020-10768)
Luca Bruno discovered that the zram module in the Linux kernel did not properly restrict unprivileged users from accessing the hot_add sysfs file. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2020-10781)
It was discovered that the XFS file system implementation in the Linux kernel did not properly validate meta data in some circumstances. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. (CVE-2020-12655)
It was discovered that the bcache subsystem in the Linux kernel did not properly release a lock in some error conditions. A local attacker could possibly use this to cause a denial of service. (CVE-2020-12771)
It was discovered that the Virtual Terminal keyboard driver in the Linux kernel contained an integer overflow. A local attacker could possibly use this to have an unspecified ...
Description truncated. Please see the references for more information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4485-1) (OID:1.3.6.1.4.1.25623.1.0.844563)
Version used: 2021-07-09T11:00:55Z
The remote host is missing an update for the 'util-linux' package(s) announced via the USN-4512-1 advisory.
Vulnerable package: util-linux Installed version: 2.31.1-0.4ubuntu3.1 Fixed version: 2.31.1-0.4ubuntu3.7
Solution type:VendorFix
Please install the updated package(s).
'util-linux' package(s) on Ubuntu 18.04 LTS.
It was discovered that the umount bash completion script shipped in util-linux incorrectly handled certain mountpoints. If a local attacker were able to create arbitrary mountpoints, another user could be tricked into executing arbitrary code when attempting to run the umount command with bash completion.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for util-linux (USN-4512-1) (OID:1.3.6.1.4.1.25623.1.0.844592)
Version used: 2021-07-12T11:00:45Z
The host is installed with Oracle Java SE JRE and is prone to arbitrary code execution vulnerability.
Installed version: 1.7.0update_25 Fixed version: Apply the patch
Successful exploitation will allow attackers to execute arbitrary code on affected system.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 6 update 91 and prior, 7 update 76 and prior, 8 update 40 and prior on Linux.
The flaw is due to error related to the Deployment subcomponent.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Unspecified Code Execution Vulnerability Apr 2015 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108404)
Version used: 2020-05-12T13:57:17Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The host is installed with Oracle Java SE JRE and is prone to Privilege Escalation Vulnerability
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow attackers to have an impact on confidentiality, integrity and availability via unknown vectors.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 6 update 111 and prior, 7 update 95 and prior, 8 update 71 and prior, and 8 update 72 and prior on Linux.
The flaw exists due to some unspecified error.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Privilege Escalation Vulnerability (Linux) (OID:1.3.6.1.4.1.25623.1.0.108389)
Version used: 2020-05-12T13:57:17Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'curl' package(s) announced via the USN-4665-1 advisory.
Vulnerable package: curl Installed version: 7.58.0-2ubuntu3.2 Fixed version: 7.58.0-2ubuntu3.12 Vulnerable package: libcurl3-gnutls Installed version: 7.58.0-2ubuntu3.2 Fixed version: 7.58.0-2ubuntu3.12 Vulnerable package: libcurl4 Installed version: 7.58.0-2ubuntu3.2 Fixed version: 7.58.0-2ubuntu3.12
Solution type:VendorFix
Please install the updated package(s).
'curl' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPT_CONNECT_ONLY option. This could result in data being sent to the wrong destination, possibly exposing sensitive information. This issue only affected Ubuntu 20.10. (CVE-2020-8231)
Varnavas Papaioannou discovered that curl incorrectly handled FTP PASV responses. An attacker could possibly use this issue to trick curl into connecting to an arbitrary IP address and be used to perform port scanner and other information gathering. (CVE-2020-8284)
It was discovered that curl incorrectly handled FTP wildcard matchins. A remote attacker could possibly use this issue to cause curl to consume resources and crash, resulting in a denial of service. (CVE-2020-8285)
It was discovered that curl incorrectly handled OCSP response verification. A remote attacker could possibly use this issue to provide a fraudulent OCSP response. (CVE-2020-8286)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for curl (USN-4665-1) (OID:1.3.6.1.4.1.25623.1.0.844752)
Version used: 2021-07-09T02:00:48Z
The host is installed with Oracle Java SE and is prone to unspecified vulnerability.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation of this vulnerability will allow attackers to partially modify data by leveraging improper pointer arithmetic within the application.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE version 1.6.0.161 and earlier, 1.7.0.151 and earlier, 1.8.0.144 and earlier on Linux.
Multiple flaws exist due to a flaw in Util (zlib) component of the application.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (oct2017-3236626) 03 - Linux (OID:1.3.6.1.4.1.25623.1.0.108380)
Version used: 2020-10-29T15:35:19Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'lz4' package(s) announced via the USN-4968-1 advisory.
Vulnerable package: liblz4-1 Installed version: 0.0~r131-2ubuntu3 Fixed version: 0.0~r131-2ubuntu3.1
Solution type:VendorFix
Please install the updated package(s).
'lz4' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS.
It was discovered that LZ4 incorrectly handled certain memory operations. If a user or automated system were tricked into uncompressing a specially- crafted LZ4 file, a remote attacker could use this issue to cause LZ4 to crash, resulting in a denial of service, or possibly execute arbitrary code.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for lz4 (USN-4968-1) (OID:1.3.6.1.4.1.25623.1.0.844955)
Version used: 2021-06-15T08:02:31Z
The remote host is missing an update for the 'libxml2' package(s) announced via the USN-4991-1 advisory.
Vulnerable package: libxml2 Installed version: 2.9.4+dfsg1-6.1ubuntu1.2 Fixed version: 2.9.4+dfsg1-6.1ubuntu1.4
Solution type:VendorFix
Please install the updated package(s).
'libxml2' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS.
Yunho Kim discovered that libxml2 incorrectly handled certain error conditions. A remote attacker could exploit this with a crafted XML file to cause a denial of service, or possibly cause libxml2 to expose sensitive information. This issue only affected Ubuntu 14.04 ESM, and Ubuntu 16.04 ESM. (CVE-2017-8872)
Zhipeng Xie discovered that libxml2 incorrectly handled certain XML schemas. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS. (CVE-2019-20388)
It was discovered that libxml2 incorrectly handled invalid UTF-8 input. A remote attacker could possibly exploit this with a crafted XML file to cause libxml2 to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2020-24977)
It was discovered that libxml2 incorrectly handled invalid UTF-8 input. A remote attacker could possibly exploit this with a crafted XML file to cause libxml2 to crash, resulting in a denial of service. (CVE-2021-3517)
It was discovered that libxml2 did not properly handle certain crafted XML files. A local attacker could exploit this with a crafted input to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-3516, CVE-2021-3518)
It was discovered that libxml2 incorrectly handled error states. A remote attacker could exploit this with a crafted XML file to cause libxml2 to crash, resulting in a denial of service. (CVE-2021-3537)
Sebastian Pipping discovered that libxml2 did not properly handle certain crafted XML files. A remote attacker could exploit this with a crafted XML file to cause libxml2 to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-3541)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for libxml2 (USN-4991-1) (OID:1.3.6.1.4.1.25623.1.0.844978)
Version used: 2021-07-07T14:24:04Z
The remote host is missing an update for the 'python3.8' package(s) announced via the USN-4754-1 advisory.
Vulnerable package: python3.6 Installed version: 3.6.5-3 Fixed version: 3.6.9-1~18.04ubuntu1.4 Vulnerable package: python3.6-minimal Installed version: 3.6.5-3 Fixed version: 3.6.9-1~18.04ubuntu1.4
Solution type:VendorFix
Please install the updated package(s).
'python3.8' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. (CVE-2020-27619, CVE-2021-3177)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for python3.8 (USN-4754-1) (OID:1.3.6.1.4.1.25623.1.0.844854)
Version used: 2021-03-17T09:33:35Z
The remote host is missing an update for the 'screen' package(s) announced via the USN-4747-1 advisory.
Vulnerable package: screen Installed version: 4.6.2-1ubuntu1 Fixed version: 4.6.2-1ubuntu1.1
Solution type:VendorFix
Please install the updated package(s).
'screen' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Felix Weinmann discovered that GNU Screen incorrectly handled certain character sequences. A remote attacker could use this issue to cause GNU Screen to crash, resulting in a denial of service, or possibly execute arbitrary code.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for screen (USN-4747-1) (OID:1.3.6.1.4.1.25623.1.0.844844)
Version used: 2021-03-01T04:08:26Z
The remote host is missing an update for the 'krb5' package(s) announced via the USN-4635-1 advisory.
Vulnerable package: krb5-locales Installed version: 1.16-2build1 Fixed version: 1.16-2ubuntu0.2 Vulnerable package: libgssapi-krb5-2 Installed version: 1.16-2build1 Fixed version: 1.16-2ubuntu0.2 Vulnerable package: libk5crypto3 Installed version: 1.16-2build1 Fixed version: 1.16-2ubuntu0.2 Vulnerable package: libkrb5-3 Installed version: 1.16-2build1 Fixed version: 1.16-2ubuntu0.2 Vulnerable package: libkrb5support0 Installed version: 1.16-2build1 Fixed version: 1.16-2ubuntu0.2
Solution type:VendorFix
Please install the updated package(s).
'krb5' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Demi Obenour discovered that Kerberos incorrectly handled certain ASN.1. An attacker could possibly use this issue to cause a denial of service.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for krb5 (USN-4635-1) (OID:1.3.6.1.4.1.25623.1.0.844718)
Version used: 2021-07-09T11:00:55Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4526-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.118.105
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that the AMD Cryptographic Coprocessor device driver in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-18808)
It was discovered that the Connexant 23885 TV card device driver for the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19054)
It was discovered that the ADIS16400 IIO IMU Driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19061)
It was discovered that the AMD Audio Coprocessor driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker with the ability to load modules could use this to cause a denial of service (memory exhaustion). (CVE-2019-19067)
It was discovered that the Atheros HTC based wireless driver in the Linux kernel did not properly deallocate in certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19073, CVE-2019-19074)
It was discovered that the F2FS file system in the Linux kernel did not properly perform bounds checking in some situations, leading to an out-of- bounds read. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-9445)
It was discovered that the VFIO PCI driver in the Linux kernel did not properly handle attempts to access disabled memory spaces. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-12888)
It was discovered that the cgroup v2 subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2020-14356)
It was discovered that the state of network RNG in the Linux kernel was potentially observable. A remote attacker could use this to expose sensitive information. (CVE-2020-16166)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4526-1) (OID:1.3.6.1.4.1.25623.1.0.844603)
Version used: 2021-07-09T11:00:55Z
The remote host is missing an update for the 'gnupg2' package(s) announced via the USN-4516-1 advisory.
Vulnerable package: gnupg Installed version: 2.2.4-1ubuntu1.1 Fixed version: 2.2.4-1ubuntu1.3
Solution type:VendorFix
Please install the updated package(s).
'gnupg2' package(s) on Ubuntu 18.04 LTS.
It was discovered that GnuPG signatures could be forged when the SHA-1 algorithm is being used. This update removes validating signatures based on SHA-1 that were generated after 2019-01-19. In environments where this is still required, a new option --allow-weak-key-signatures can be used to revert this behaviour.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for gnupg2 (USN-4516-1) (OID:1.3.6.1.4.1.25623.1.0.844588)
Version used: 2021-07-12T11:00:45Z
The remote host is missing an update for the 'curl' package(s) announced via the USN-4466-1 advisory.
Vulnerable package: curl Installed version: 7.58.0-2ubuntu3.2 Fixed version: 7.58.0-2ubuntu3.10 Vulnerable package: libcurl3-gnutls Installed version: 7.58.0-2ubuntu3.2 Fixed version: 7.58.0-2ubuntu3.10 Vulnerable package: libcurl4 Installed version: 7.58.0-2ubuntu3.2 Fixed version: 7.58.0-2ubuntu3.10
Solution type:VendorFix
Please install the updated package(s).
'curl' package(s) on Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPT_CONNECT_ONLY option. This could result in data being sent to the wrong destination, possibly exposing sensitive information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for curl (USN-4466-1) (OID:1.3.6.1.4.1.25623.1.0.844543)
Version used: 2021-07-13T02:01:14Z
The remote host is missing an update for the 'python3.8' package(s) announced via the USN-4428-1 advisory.
Vulnerable package: python3.6 Installed version: 3.6.5-3 Fixed version: 3.6.9-1~18.04ubuntu1.1 Vulnerable package: python3.6-minimal Installed version: 3.6.5-3 Fixed version: 3.6.9-1~18.04ubuntu1.1
Solution type:VendorFix
Please install the updated package(s).
'python3.8' package(s) on Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that Python documentation had a misleading information. A security issue could be possibly caused by wrong assumptions of this information. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-17514)
It was discovered that Python incorrectly handled certain TAR archives. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-20907)
It was discovered that incorrectly handled certain ZIP files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-9674)
It was discovered that Python incorrectly handled certain IP values. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-14422)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for python3.8 (USN-4428-1) (OID:1.3.6.1.4.1.25623.1.0.844501)
Version used: 2021-07-09T11:00:55Z
The remote host is missing an update for the 'curl' package(s) announced via the USN-4402-1 advisory.
Vulnerable package: curl Installed version: 7.58.0-2ubuntu3.2 Fixed version: 7.58.0-2ubuntu3.9 Vulnerable package: libcurl3-gnutls Installed version: 7.58.0-2ubuntu3.2 Fixed version: 7.58.0-2ubuntu3.9 Vulnerable package: libcurl4 Installed version: 7.58.0-2ubuntu3.2 Fixed version: 7.58.0-2ubuntu3.9
Solution type:VendorFix
Please install the updated package(s).
'curl' package(s) on Ubuntu 20.04 LTS, Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Marek Szlagor, Gregory Jefferis and Jeroen Ooms discovered that curl incorrectly handled certain credentials. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-8169)
It was discovered that curl incorrectly handled certain parameters. An attacker could possibly use this issue to overwrite a local file. (CVE-2020-8177)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for curl (USN-4402-1) (OID:1.3.6.1.4.1.25623.1.0.844476)
Version used: 2021-07-12T11:00:45Z
The remote host is missing an update for the 'sqlite3' package(s) announced via the USN-4394-1 advisory.
Vulnerable package: libsqlite3-0 Installed version: 3.22.0-1 Fixed version: 3.22.0-1ubuntu0.4
Solution type:VendorFix
Please install the updated package(s).
'sqlite3' package(s) on Ubuntu 20.04 LTS, Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that SQLite incorrectly handled certain corruped schemas. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-8740)
It was discovered that SQLite incorrectly handled certain SELECT statements. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 19.10. (CVE-2019-19603)
It was discovered that SQLite incorrectly handled certain self-referential views. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 19.10. (CVE-2019-19645)
Henry Liu discovered that SQLite incorrectly handled certain malformed window-function queries. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-11655)
It was discovered that SQLite incorrectly handled certain string operations. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-13434)
It was discovered that SQLite incorrectly handled certain expressions. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-13435)
It was discovered that SQLite incorrectly handled certain fts3 queries. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-13630)
It was discovered that SQLite incorrectly handled certain virtual table names. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-13631)
It was discovered that SQLite incorrectly handled certain fts3 queries. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-13632)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for sqlite3 (USN-4394-1) (OID:1.3.6.1.4.1.25623.1.0.844467)
Version used: 2021-07-09T02:00:48Z
The remote host is missing an update for the 'git' package(s) announced via the USN-4334-1 advisory.
Vulnerable package: git Installed version: 2.17.1-1ubuntu0.1 Fixed version: 1:2.17.1-1ubuntu0.7
Solution type:VendorFix
Please install the updated package(s).
'git' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Carlo Arenas discovered that Git incorrectly handled certain URLs containing newlines, empty hosts, or lacking a scheme. A remote attacker could possibly use this issue to trick Git into returning credential information for a wrong host.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for git (USN-4334-1) (OID:1.3.6.1.4.1.25623.1.0.844397)
Version used: 2021-07-09T11:00:55Z
The remote host is missing an update for the 'git' package(s) announced via the USN-4329-1 advisory.
Vulnerable package: git Installed version: 2.17.1-1ubuntu0.1 Fixed version: 1:2.17.1-1ubuntu0.6
Solution type:VendorFix
Please install the updated package(s).
'git' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Felix Wilhelm discovered that Git incorrectly handled certain URLs that included newlines. A remote attacker could possibly use this issue to trick Git into returning credential information for a wrong host.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for git (USN-4329-1) (OID:1.3.6.1.4.1.25623.1.0.844393)
Version used: 2021-07-09T11:00:55Z
The remote host is missing an update for the 'twisted' package(s) announced via the USN-4308-1 advisory.
Vulnerable package: python3-twisted Installed version: 17.9.0-2 Fixed version: 17.9.0-2ubuntu0.1 Vulnerable package: python3-twisted-bin Installed version: 17.9.0-2 Fixed version: 17.9.0-2ubuntu0.1
Solution type:VendorFix
Please install the updated package(s).
'twisted' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
it was discovered that Twisted incorrectly validated or sanitized certain URIs or HTTP methods. A remote attacker could use this issue to inject invalid characters and possibly perform header injection attacks. (CVE-2019-12387)
It was discovered that Twisted incorrectly verified XMPP TLS certificates. A remote attacker could possibly use this issue to perform a man-in-the-middle attack and obtain sensitive information. (CVE-2019-12855)
It was discovered that Twisted incorrectly handled HTTP/2 connections. A remote attacker could possibly use this issue to cause Twisted to hang or consume resources, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2019-9512, CVE-2019-9514, CVE-2019-9515)
Jake Miller and ZeddYu Lu discovered that Twisted incorrectly handled certain content-length headers. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. (CVE-2020-10108, CVE-2020-10109)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for twisted (USN-4308-1) (OID:1.3.6.1.4.1.25623.1.0.844371)
Version used: 2021-07-09T02:00:48Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4287-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.88.80
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. (CVE-2019-14615)
It was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15099)
It was discovered that the HSA Linux kernel driver for AMD GPU devices did not properly check for errors in certain situations, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service. (CVE-2019-16229)
It was discovered that the Marvell 8xxx Libertas WLAN device driver in the Linux kernel did not properly check for errors in certain situations, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service. (CVE-2019-16232)
It was discovered that a race condition existed in the Virtual Video Test Driver in the Linux kernel. An attacker with write access to /dev/video0 on a system with the vivid module loaded could possibly use this to gain administrative privileges. (CVE-2019-18683)
It was discovered that the Renesas Digital Radio Interface (DRIF) driver in the Linux kernel did not properly initialize data. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-18786)
It was discovered that the Afatech AF9005 DVB-T USB device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-18809)
It was discovered that the btrfs file system in the Linux kernel did not properly validate metadata, leading to a NULL pointer dereference. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2019-18885)
It was discovered that multiple memory leaks existed in the Marvell WiFi-Ex Driver for the Linux kernel. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19057)
It was discovered that the crypto subsystem in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19062)
It was discovered that the Realtek rtlwifi USB device driver in the Linux kernel did not properly deallocate me ...
Description truncated. Please see the references for more information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4287-1) (OID:1.3.6.1.4.1.25623.1.0.844347)
Version used: 2021-07-09T02:00:48Z
The remote host is missing an update for the 'libxml2' package(s) announced via the USN-4274-1 advisory.
Vulnerable package: libxml2 Installed version: 2.9.4+dfsg1-6.1ubuntu1.2 Fixed version: 2.9.4+dfsg1-6.1ubuntu1.3
Solution type:VendorFix
Please install the updated package(s).
'libxml2' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-19956, CVE-2020-7595)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for libxml2 (USN-4274-1) (OID:1.3.6.1.4.1.25623.1.0.844335)
Version used: 2021-07-09T02:00:48Z
The remote host is missing an update for the 'cyrus-sasl2' package(s) announced via the USN-4256-1 advisory.
Vulnerable package: libsasl2-2 Installed version: 2.1.27~101-g0780600+dfsg-3ubuntu2 Fixed version: 2.1.27~101-g0780600+dfsg-3ubuntu2.1
Solution type:VendorFix
Please install the updated package(s).
'cyrus-sasl2' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that Cyrus SASL incorrectly handled certain LDAP packets. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for cyrus-sasl2 (USN-4256-1) (OID:1.3.6.1.4.1.25623.1.0.844313)
Version used: 2021-07-13T02:01:14Z
The remote host is missing an update for the 'file' package(s) announced via the USN-4172-1 advisory.
Vulnerable package: file Installed version: 5.32-2ubuntu0.1 Fixed version: 1:5.32-2ubuntu0.3 Vulnerable package: libmagic1 Installed version: 5.32-2ubuntu0.1 Fixed version: 1:5.32-2ubuntu0.3
Solution type:VendorFix
Please install the updated package(s).
'file' package(s) on Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that file incorrectly handled certain malformed files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for file USN-4172-1 (OID:1.3.6.1.4.1.25623.1.0.844220)
Version used: 2019-12-12T11:35:23Z
The remote host is missing an update for the 'libidn2' package(s) announced via the USN-4168-1 advisory.
Vulnerable package: libidn2-0 Installed version: 2.0.4-1.1build2 Fixed version: 2.0.4-1.1ubuntu0.2
Solution type:VendorFix
Please install the updated package(s).
'libidn2' package(s) on Ubuntu 19.04, Ubuntu 18.04 LTS.
It was discovered that Libidn2 incorrectly handled certain inputs. A attacker could possibly use this issue to impersonate domains. (CVE-2019-12290)
It was discovered that Libidn2 incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-18224)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for libidn2 USN-4168-1 (OID:1.3.6.1.4.1.25623.1.0.844214)
Version used: 2019-10-30T10:03:24Z
The remote host is missing an update for the 'sqlite3' package(s) announced via the USN-4019-1 advisory.
Vulnerable package: libsqlite3-0 Installed version: 3.22.0-1 Fixed version: 3.22.0-1ubuntu0.1
Solution type:VendorFix
Please install the updated package(s).
'sqlite3' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that SQLite incorrectly handled certain SQL files. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-2518, CVE-2017-2520)
It was discovered that SQLite incorrectly handled certain queries. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-20505)
It was discovered that SQLite incorrectly handled certain queries. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-20346, CVE-2018-20506)
It was discovered that SQLite incorrectly handled certain inputs. An attacker could possibly use this issue to access sensitive information. (CVE-2019-8457)
It was discovered that SQLite incorrectly handled certain queries. An attacker could possibly use this issue to access sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2019-9936)
It was discovered that SQLite incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2019-9937)
It was discovered that SQLite incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-6153)
It was discovered that SQLite incorrectly handled certain databases. An attacker could possibly use this issue to access sensitive information. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-10989)
It was discovered that SQLite incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-13685)
It was discovered that SQLite incorrectly handled certain queries. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-2519)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for sqlite3 USN-4019-1 (OID:1.3.6.1.4.1.25623.1.0.844058)
Version used: 2019-06-20T06:01:12Z
The remote host is missing an update for the 'curl' package(s) announced via the USN-4129-1 advisory.
Vulnerable package: curl Installed version: 7.58.0-2ubuntu3.2 Fixed version: 7.58.0-2ubuntu3.8 Vulnerable package: libcurl3-gnutls Installed version: 7.58.0-2ubuntu3.2 Fixed version: 7.58.0-2ubuntu3.8 Vulnerable package: libcurl4 Installed version: 7.58.0-2ubuntu3.2 Fixed version: 7.58.0-2ubuntu3.8
Solution type:VendorFix
Please install the updated package(s).
'curl' package(s) on Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Thomas Vegas discovered that curl incorrectly handled memory when using Kerberos over FTP. A remote attacker could use this issue to crash curl, resulting in a denial of service. (CVE-2019-5481)
Thomas Vegas discovered that curl incorrectly handled memory during TFTP transfers. A remote attacker could use this issue to crash curl, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-5482)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for curl USN-4129-1 (OID:1.3.6.1.4.1.25623.1.0.844172)
Version used: 2019-09-20T07:02:27Z
The remote host is missing an update for the 'zeromq3' package(s) announced via the USN-4050-1 advisory.
Vulnerable package: libzmq5 Installed version: 4.2.5-1 Fixed version: 4.2.5-1ubuntu0.2
Solution type:VendorFix
Please install the updated package(s).
'zeromq3' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause ZeroMQ to crash, or possibly execute arbitrary code.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for zeromq3 USN-4050-1 (OID:1.3.6.1.4.1.25623.1.0.844083)
Version used: 2019-07-23T06:55:12Z
The remote host is missing an update for the 'bzip2' package(s) announced via the USN-4038-1 advisory.
Vulnerable package: bzip2 Installed version: 1.0.6-8.1 Fixed version: 1.0.6-8.1ubuntu0.1 Vulnerable package: libbz2-1.0 Installed version: 1.0.6-8.1 Fixed version: 1.0.6-8.1ubuntu0.1
Solution type:VendorFix
Please install the updated package(s).
'bzip2' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Aladdin Mubaied discovered that bzip2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-3189)
It was discovered that bzip2 incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-12900)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for bzip2 USN-4038-1 (OID:1.3.6.1.4.1.25623.1.0.844073)
Version used: 2019-06-27T06:30:18Z
The remote host is missing an update for the 'glib2.0' package(s) announced via the USN-4014-1 advisory.
Vulnerable package: libglib2.0-0 Installed version: 2.56.2-0ubuntu0.18.04.1 Fixed version: 2.56.4-0ubuntu0.18.04.3
Solution type:VendorFix
Please install the updated package(s).
'glib2.0' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that GLib incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for glib2.0 USN-4014-1 (OID:1.3.6.1.4.1.25623.1.0.844047)
Version used: 2019-06-11T06:16:55Z
The remote host is missing an update for the 'elfutils' package(s) announced via the USN-4012-1 advisory.
Vulnerable package: libelf1 Installed version: 0.170-0.4 Fixed version: 0.170-0.4ubuntu0.1
Solution type:VendorFix
Please install the updated package(s).
'elfutils' package(s) on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that elfutils incorrectly handled certain malformed files. If a user or automated system were tricked into processing a specially crafted file, elfutils could be made to crash or consume resources, resulting in a denial of service.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for elfutils USN-4012-1 (OID:1.3.6.1.4.1.25623.1.0.844046)
Version used: 2019-06-11T06:16:55Z
The remote host is missing an update for the 'db5.3' package(s) announced via the USN-4004-1 advisory.
Vulnerable package: libdb5.3 Installed version: 5.3.28-13.1ubuntu1 Fixed version: 5.3.28-13.1ubuntu1.1
Solution type:VendorFix
Please install the updated package(s).
'db5.3' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that Berkeley DB incorrectly handled certain inputs. An attacker could possibly use this issue to read sensitive information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for db5.3 USN-4004-1 (OID:1.3.6.1.4.1.25623.1.0.844039)
Version used: 2019-06-06T13:02:35Z
The remote host is missing an update for the 'libseccomp' package(s) announced via the USN-4001-1 advisory.
Vulnerable package: libseccomp2 Installed version: 2.3.1-2.1ubuntu4 Fixed version: 2.4.1-0ubuntu0.18.04.2
Solution type:VendorFix
Please install the updated package(s).
'libseccomp' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Jann Horn discovered that libseccomp did not correctly generate 64-bit syscall argument comparisons with arithmetic operators (LT, GT, LE, GE). An attacker could use this to bypass intended access restrictions for argument-filtered system calls.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for libseccomp USN-4001-1 (OID:1.3.6.1.4.1.25623.1.0.844029)
Version used: 2019-06-04T07:02:10Z
The remote host is missing an update for the 'libxslt' package(s) announced via the USN-3947-1 advisory.
Vulnerable package: libxslt1.1 Installed version: 1.1.29-5 Fixed version: 1.1.29-5ubuntu0.1
Solution type:VendorFix
Please install the updated package(s).
'libxslt' package(s) on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS.
It was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to access sensitive information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for libxslt USN-3947-1 (OID:1.3.6.1.4.1.25623.1.0.843976)
Version used: 2019-04-19T05:29:08Z
The remote host is missing an update for the 'busybox' package(s) announced via the USN-3935-1 advisory.
Vulnerable package: busybox-initramfs Installed version: 1.27.2-2ubuntu3 Fixed version: 1:1.27.2-2ubuntu3.2 Vulnerable package: busybox-static Installed version: 1.27.2-2ubuntu3 Fixed version: 1:1.27.2-2ubuntu3.2
Solution type:VendorFix
Please install the updated package(s).
'busybox' package(s) on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS.
Tyler Hicks discovered that BusyBox incorrectly handled symlinks inside tar archives. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could overwrite arbitrary files outside of the current directory. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2011-5325)
Mathias Krause discovered that BusyBox incorrectly handled kernel module loading restrictions. A local attacker could possibly use this issue to bypass intended restrictions. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-9645)
It was discovered that BusyBox incorrectly handled certain ZIP archives. If a user or automated system were tricked into processing a specially crafted ZIP archive, a remote attacker could cause BusyBox to crash, leading to a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2015-9261)
Nico Golde discovered that the BusyBox DHCP client incorrectly handled certain malformed domain names. A remote attacker could possibly use this issue to cause the DHCP client to crash, leading to a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-2147)
Nico Golde discovered that the BusyBox DHCP client incorrectly handled certain 6RD options. A remote attacker could use this issue to cause the DHCP client to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-2148)
It was discovered that BusyBox incorrectly handled certain bzip2 archives. If a user or automated system were tricked into processing a specially crafted bzip2 archive, a remote attacker could cause BusyBox to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-15873)
It was discovered that BusyBox incorrectly handled tab completion. A local attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-16544)
It was discovered that the BusyBox wget utility incorrectly handled certain responses. A remote attacker could use this issue to cause BusyBox to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-1000517)
It was discovered that the BusyBox DHCP utilities incorrectly handled certain memory operations. A remote attacker could possibly use this issue to access sensitive information. (CVE-2018-20679, CVE-2019-5747)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for busybox USN-3935-1 (OID:1.3.6.1.4.1.25623.1.0.843963)
Version used: 2019-04-26T08:24:31Z
The remote host is missing an update for the 'curl' package(s) announced via the USN-3882-1 advisory.
Vulnerable package: curl Installed version: 7.58.0-2ubuntu3.2 Fixed version: 7.58.0-2ubuntu3.6
Solution type:VendorFix
Please install the updated package(s).
curl on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS.
Wenxiang Qian discovered that curl incorrectly handled certain NTLM authentication messages. A remote attacker could possibly use this issue to cause curl to crash, resulting in a denial of service. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-16890)
Wenxiang Qian discovered that curl incorrectly handled certain NTLMv2 authentication messages. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2019-3822)
Brian Carpenter discovered that curl incorrectly handled certain SMTP responses. A remote attacker could possibly use this issue to cause curl to crash, resulting in a denial of service. (CVE-2019-3823)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for curl USN-3882-1 (OID:1.3.6.1.4.1.25623.1.0.843899)
Version used: 2019-03-18T16:34:17Z
The remote host is missing an update for the 'openssh' package(s) announced via the USN-3809-1 advisory.
Vulnerable package: openssh-server Installed version: 7.6p1-4 Fixed version: 1:7.6p1-4ubuntu0.1
Solution type:VendorFix
Please install the updated package(s).
openssh on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS.
Robert Swiecki discovered that OpenSSH incorrectly handled certain messages. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-10708)
It was discovered that OpenSSH incorrectly handled certain requests. An attacker could possibly use this issue to access sensitive information. (CVE-2018-15473)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for openssh USN-3809-1 (OID:1.3.6.1.4.1.25623.1.0.843809)
Version used: 2021-06-04T11:00:20Z
The remote host is missing an update for the 'requests' package(s) announced via the USN-3790-1 advisory.
Vulnerable package: python3-requests Installed version: 2.18.4-2 Fixed version: 2.18.4-2ubuntu0.1
Solution type:VendorFix
Please install the updated package(s).
requests on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS.
It was discovered that Requests incorrectly handled certain HTTP headers. An attacker could possibly use this issue to access sensitive information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for requests USN-3790-1 (OID:1.3.6.1.4.1.25623.1.0.843797)
Version used: 2021-06-03T11:00:21Z
The host is installed with Oracle Java SE and is prone to a remote security vulnerability.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow remote attackers to affect confidentiality and integrity via unknown vectors.
Solution type:VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.
Oracle Java SE version 1.6.0.181 and earlier, 1.7.0.161 and earlier, 1.8.0.152 and earlier on Linux.
The flaw is due to an unspecified error in the 'Security' component of Java SE.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (apr2018-3678067) 01 - Linux (OID:1.3.6.1.4.1.25623.1.0.813307)
Version used: 2021-06-30T02:00:35Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'linux' package(s) announced via the USN-4877-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.137.124
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-36158)
discovered that the NFS implementation in the Linux kernel did not properly prevent access outside of an NFS export that is a subdirectory of a file system. An attacker could possibly use this to bypass NFS access restrictions. (CVE-2021-3178)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4877-1) (OID:1.3.6.1.4.1.25623.1.0.844866)
Version used: 2021-03-17T09:33:35Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4749-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.136.123
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Bodong Zhao discovered a use-after-free in the Sun keyboard driver implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2020-25669)
It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service (system crash). (CVE-2020-27815)
Shisong Qin and Bodong Zhao discovered that Speakup screen reader driver in the Linux kernel did not correctly handle setting line discipline in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-27830, CVE-2020-28941)
It was discovered that the memory management subsystem in the Linux kernel did not properly handle copy-on-write operations in some situations. A local attacker could possibly use this to gain unintended write access to read-only memory pages. (CVE-2020-29374)
Michael Kurth and Pawel Wieczorkiewicz discovered that the Xen event processing backend in the Linux kernel did not properly limit the number of events queued. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2020-29568)
Olivier Benjamin and Pawel Wieczorkiewicz discovered a race condition the Xen paravirt block backend in the Linux kernel, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2020-29569)
Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-29660)
Jann Horn discovered a race condition in the tty subsystem of the Linux kernel in the locking for the TIOCSPGRP ioctl(), leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-29661)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4749-1) (OID:1.3.6.1.4.1.25623.1.0.844848)
Version used: 2021-03-17T09:33:35Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4907-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.141.128
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Wen Xu discovered that the xfs file system implementation in the Linux kernel did not properly validate the number of extents in an inode. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service (system crash). (CVE-2018-13095)
It was discovered that the priority inheritance futex implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3347)
It was discovered that the network block device (nbd) driver in the Linux kernel contained a use-after-free vulnerability during device setup. A local attacker with access to the nbd device could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3348)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4907-1) (OID:1.3.6.1.4.1.25623.1.0.844893)
Version used: 2021-04-21T07:29:02Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-3871-2 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.45.47
Solution type:VendorFix
Please install the updated package(s).
linux on Ubuntu 18.04 LTS.
USN-3871-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. Unfortunately, that update introduced regressions with docking station displays and mounting ext4 file systems with the meta_bg option enabled. This update fixes the problems.
We apologize for the inconvenience.
Original advisory details:
Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10876, CVE-2018-10879)
Wen Xu discovered that a buffer overflow existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10877)
Wen Xu discovered that an out-of-bounds write vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10878, CVE-2018-10882)
Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash). (CVE-2018-10880)
Wen Xu discovered that the ext4 file system implementation in the Linux kernel could possibly perform an out of bounds write when updating the journal for an inline file. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash). (CVE-2018-10883)
It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information (host machine kernel memory). (CVE-2018-14625)
Cfir Cohen discovered that a use-after-free vulnerability existed in the KVM implementation of the Linux kernel, when handling interrupts in environments where nested virtualization is in use (nested KVM virtualization is not enabled by default in Ubuntu kernels). A local attacker in a guest VM could possibly use this to gain administrative privileges in a host machine. (CVE-2018-16882)
Jann Horn discovered that the procfs file system implementation in the L ...
Description truncated, please see the referenced URL(s) for more information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-3871-2 (OID:1.3.6.1.4.1.25623.1.0.843897)
Version used: 2019-03-18T16:34:17Z
The remote host is missing an update for the 'apport' package(s) announced via the USN-4720-1 advisory.
Vulnerable package: apport Installed version: 2.20.9-0ubuntu7.3 Fixed version: 2.20.9-0ubuntu7.23 Vulnerable package: python3-apport Installed version: 2.20.9-0ubuntu7.3 Fixed version: 2.20.9-0ubuntu7.23
Solution type:VendorFix
Please install the updated package(s).
'apport' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Itai Greenhut discovered that Apport incorrectly parsed certain files in the /proc filesystem. A local attacker could use this issue to escalate privileges and run arbitrary code. (CVE-2021-25682, CVE-2021-25683)
Itai Greenhut discovered that Apport incorrectly handled opening certain special files. A local attacker could possibly use this issue to cause Apport to hang, resulting in a denial of service. (CVE-2021-25684)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for apport (USN-4720-1) (OID:1.3.6.1.4.1.25623.1.0.844814)
Version used: 2021-06-25T06:58:30Z
The remote host is missing an update for the 'sudo' package(s) announced via the USN-4705-1 advisory.
Vulnerable package: sudo Installed version: 1.8.21p2-3ubuntu1 Fixed version: 1.8.21p2-3ubuntu1.4
Solution type:VendorFix
Please install the updated package(s).
'sudo' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that Sudo incorrectly handled memory when parsing command lines. A local attacker could possibly use this issue to obtain unintended access to the administrator account. (CVE-2021-3156)
It was discovered that the Sudo sudoedit utility incorrectly handled checking directory permissions. A local attacker could possibly use this issue to bypass file permissions and determine if a directory exists or not. (CVE-2021-23239)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for sudo (USN-4705-1) (OID:1.3.6.1.4.1.25623.1.0.844800)
Version used: 2021-02-08T07:52:32Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4916-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.142.129
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. (CVE-2021-3493)
Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-29154)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4916-1) (OID:1.3.6.1.4.1.25623.1.0.844903)
Version used: 2021-04-21T07:29:02Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4946-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.143.130
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS.
It was discovered that the DRM subsystem in the Linux kernel contained double-free vulnerabilities. A privileged attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-20292)
Olivier Benjamin, Norbert Manthey, Martin Mazein, and Jan H. Schönherr discovered that the Xen paravirtualization backend in the Linux kernel did not properly propagate errors to frontend drivers in some situations. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2021-26930)
Jan Beulich discovered that multiple Xen backends in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2021-26931)
Jan Beulich discovered that the Xen netback backend in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2021-28038)
It was discovered that the Xen paravirtualization backend in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-28688)
It was discovered that the Freescale Gianfar Ethernet driver for the Linux kernel did not properly handle receive queue overrun when jumbo frames were enabled in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2021-29264)
It was discovered that the USB/IP driver in the Linux kernel contained race conditions during the update of local and shared status. An attacker could use this to cause a denial of service (system crash). (CVE-2021-29265)
It was discovered that a race condition existed in the netfilter subsystem of the Linux kernel when replacing tables. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-29650)
Arnd Bergmann discovered that the video4linux subsystem in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-30002)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4946-1) (OID:1.3.6.1.4.1.25623.1.0.844930)
Version used: 2021-06-07T06:36:41Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4689-4 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.134.121
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS.
USN-4689-3 fixed vulnerabilities in the NVIDIA server graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules.
Original advisory details:
It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. (CVE-2021-1052)
It was discovered that the NVIDIA GPU display driver for the Linux kernel did not properly validate a pointer received from userspace in some situations. A local attacker could use this to cause a denial of service. (CVE-2021-1053)
Xinyuan Lyu discovered that the NVIDIA GPU display driver for the Linux kernel did not properly restrict device-level GPU isolation. A local attacker could use this to cause a denial of service or possibly expose sensitive information. (CVE-2021-1056)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4689-4) (OID:1.3.6.1.4.1.25623.1.0.844794)
Version used: 2021-01-22T06:41:37Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-3871-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.44.46
Solution type:VendorFix
Please install the updated package(s).
linux on Ubuntu 18.04 LTS.
Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10876, CVE-2018-10879)
Wen Xu discovered that a buffer overflow existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10877)
Wen Xu discovered that an out-of-bounds write vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10878, CVE-2018-10882)
Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash). (CVE-2018-10880)
Wen Xu discovered that the ext4 file system implementation in the Linux kernel could possibly perform an out of bounds write when updating the journal for an inline file. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash). (CVE-2018-10883)
It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information (host machine kernel memory). (CVE-2018-14625)
Cfir Cohen discovered that a use-after-free vulnerability existed in the KVM implementation of the Linux kernel, when handling interrupts in environments where nested virtualization is in use (nested KVM virtualization is not enabled by default in Ubuntu kernels). A local attacker in a guest VM could possibly use this to gain administrative privileges in a host machine. (CVE-2018-16882)
Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. (CVE-2018-17972)
Jann Horn discovered that the mremap() system call in the Linux kernel did not properly flush the TLB when completing, potentially lea ...
Description truncated, please see the referenced URL(s) for more information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-3871-1 (OID:1.3.6.1.4.1.25623.1.0.843884)
Version used: 2019-03-18T16:34:17Z
The remote host is missing an update for the 'grub2-signed' package(s) announced via the USN-4992-1 advisory.
Vulnerable package: grub-efi-amd64-bin Installed version: 2.02-2ubuntu8.4 Fixed version: 2.04-1ubuntu44.1.2 Vulnerable package: grub-efi-amd64-signed Installed version: 1.93.5+2.02-2ubuntu8.4 Fixed version: 1.167~18.04.5+2.04-1ubuntu44.1.2
Solution type:VendorFix
Please install the updated package(s).
'grub2-signed' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS.
Máté Kukri discovered that the acpi command in GRUB 2 allowed privileged users to load crafted ACPI tables when secure boot is enabled. An attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2020-14372)
Chris Coulson discovered that the rmmod command in GRUB 2 contained a use- after-free vulnerability. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-25632)
Chris Coulson discovered that a buffer overflow existed in the command line parser in GRUB 2. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-27749)
It was discovered that the cutmem command in GRUB 2 did not honor secure boot locking. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-27779)
It was discovered that the option parser in GRUB 2 contained a heap overflow vulnerability. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2021-20225)
It was discovered that the menu rendering implementation in GRUB 2 did not properly calculate the amount of memory needed in some situations, leading to out-of-bounds writes. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2021-20233)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for grub2-signed (USN-4992-1) (OID:1.3.6.1.4.1.25623.1.0.844980)
Version used: 2021-07-07T14:24:04Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4689-2 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.130.117
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS.
USN-4689-1 fixed vulnerabilities in the NVIDIA graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules.
Original advisory details:
It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. (CVE-2021-1052)
It was discovered that the NVIDIA GPU display driver for the Linux kernel did not properly validate a pointer received from userspace in some situations. A local attacker could use this to cause a denial of service. (CVE-2021-1053)
Xinyuan Lyu discovered that the NVIDIA GPU display driver for the Linux kernel did not properly restrict device-level GPU isolation. A local attacker could use this to cause a denial of service or possibly expose sensitive information. (CVE-2021-1056)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4689-2) (OID:1.3.6.1.4.1.25623.1.0.844780)
Version used: 2021-01-19T09:20:28Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4979-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.144.131
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS.
Kiyin () discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25670)
Kiyin () discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly deallocate memory in certain error situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2020-25671, CVE-2020-25672)
Kiyin () discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly handle error conditions in some situations, leading to an infinite loop. A local attacker could use this to cause a denial of service. (CVE-2020-25673)
It was discovered that the Realtek RTL8188EU Wireless device driver in the Linux kernel did not properly validate ssid lengths in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2021-28660)
Zygo Blaxell discovered that the btrfs file system implementation in the Linux kernel contained a race condition during certain cloning operations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-28964)
Vince Weaver discovered that the perf subsystem in the Linux kernel did not properly handle certain PEBS records properly for some Intel Haswell processors. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-28971)
It was discovered that the RPA PCI Hotplug driver implementation in the Linux kernel did not properly handle device name writes via sysfs, leading to a buffer overflow. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-28972)
It was discovered that the Qualcomm IPC router implementation in the Linux kernel did not properly initialize memory passed to user space. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-29647)
Dan Carpenter discovered that the block device manager (dm) implementation in the Linux kernel contained a buffer overflow in the ioctl for listing devices. A privileged local attacker could use this to cause a denial of service (system crash). (CVE-2021-31916)
It was discovered that the CIPSO implementation in the Linux kernel did not properly perform reference counting in some situations, leading to use- after-free vulnerabilities. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33033)
Wolfgang Frisch discovered that the ext4 fi ...
Description truncated. Please see the references for more information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4979-1) (OID:1.3.6.1.4.1.25623.1.0.844965)
Version used: 2021-06-04T12:02:46Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4680-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.129.116
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that debugfs in the Linux kernel as used by blktrace contained a use-after-free in some situations. A privileged local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-19770)
It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-0423)
Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. (CVE-2020-10135)
It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-25656)
Minh Yuan discovered that the tty driver in the Linux kernel contained race conditions when handling fonts. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2020-25668)
Keyu Man discovered that the ICMP global rate limiter in the Linux kernel could be used to assist in scanning open UDP ports. A remote attacker could use to facilitate attacks on UDP based services that depend on source port randomization. (CVE-2020-25705)
Jinoh Kang discovered that the Xen event channel infrastructure in the Linux kernel contained a race condition. An attacker in guest could possibly use this to cause a denial of service (dom0 crash). (CVE-2020-27675)
Daniel Axtens discovered that PowerPC RTAS implementation in the Linux kernel did not properly restrict memory accesses in some situations. A privileged local attacker could use this to arbitrarily modify kernel memory, potentially bypassing kernel lockdown restrictions. (CVE-2020-27777)
Minh Yuan discovered that the framebuffer console driver in the Linux kernel did not properly handle fonts in some conditions. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-28974)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4680-1) (OID:1.3.6.1.4.1.25623.1.0.844765)
Version used: 2021-01-12T06:51:19Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4660-2 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.128.115
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN-4660-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression in the software raid10 driver when used with fstrim that could lead to data corruption. This update fixes the problem.
Original advisory details:
It was discovered that a race condition existed in the perf subsystem of the Linux kernel, leading to a use-after-free vulnerability. An attacker with access to the perf subsystem could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-14351)
It was discovered that the frame buffer implementation in the Linux kernel did not properly handle some edge cases in software scrollback. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-14390)
It was discovered that the netfilter connection tracker for netlink in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25211)
It was discovered that the Rados block device (rbd) driver in the Linux kernel did not properly perform privilege checks for access to rbd devices in some situations. A local attacker could use this to map or unmap rbd block devices. (CVE-2020-25284)
It was discovered that a race condition existed in the hugetlb sysctl implementation in the Linux kernel. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2020-25285)
It was discovered that the block layer subsystem in the Linux kernel did not properly handle zero-length requests. A local attacker could use this to cause a denial of service. (CVE-2020-25641)
It was discovered that the HDLC PPP implementation in the Linux kernel did not properly validate input in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-25643)
It was discovered that the GENEVE tunnel implementation in the Linux kernel when combined with IPSec did not properly select IP routes in some situations. An attacker could use this to expose sensitive information (unencrypted network traffic). (CVE-2020-25645)
It was discovered that the framebuffer implementation in the Linux kernel did not properly perform range checks in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-28915)
It was discovered that Power 9 processors could be coerced to expose information from the L1 cache in certain situations. A local attacker could use this to expose sensitive information. (CVE-2020-4788)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4660-2) (OID:1.3.6.1.4.1.25623.1.0.844759)
Version used: 2021-07-09T11:00:55Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4135-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.64.66
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Peter Pi discovered a buffer overflow in the virtio network backend (vhost_net) implementation in the Linux kernel. An attacker in a guest may be able to use this to cause a denial of service (host OS crash) or possibly execute arbitrary code in the host OS. (CVE-2019-14835)
It was discovered that the Linux kernel on PowerPC architectures did not properly handle Facility Unavailable exceptions in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-15030)
It was discovered that the Linux kernel on PowerPC architectures did not properly handle exceptions on interrupts in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-15031)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-4135-1 (OID:1.3.6.1.4.1.25623.1.0.844182)
Version used: 2019-09-20T05:25:28Z
Sudo is prone to a heap-based buffer overflow dubbed 'Baron Samedit'.
Used command: sudoedit -s '\' `perl -e 'print "A" x 65536'` Result: sudoedit -s '' `perl -e 'print "A" x 65536'` Segmentation fault (core dumped) ]0;vscan@demo-ubuntu-18.vscan.tech: ~vscan@demo-ubuntu-18.vscan.tech:~$
Solution type:VendorFix
Update to version 1.9.5p2 or later.
All legacy versions from 1.8.2 to 1.8.31p2 and all stable versions from 1.9.0 to 1.9.5p1 in their default configuration.
Sudo is allowing privilege escalation to root via 'sudoedit -s' and a command-line argument that ends with a single backslash character.
Runs a specific SSH command after the login to the target which is known to trigger an error message on affected versions of Sudo.
Details: Sudo Heap-Based Buffer Overflow Vulnerability (Baron Samedit) - Active Check (OID:1.3.6.1.4.1.25623.1.0.117187)
Version used: 2021-07-14T12:36:58Z
| Product: | cpe:/a:sudo_project:sudo:1.8.21:p2 |
| Method: | sudo / sudoers Detection (Linux/Unix SSH Login) (OID: 1.3.6.1.4.1.25623.1.0.117185 ) |
The remote host is missing an update for the 'linux' package(s) announced via the USN-4660-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.126.113
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that a race condition existed in the perf subsystem of the Linux kernel, leading to a use-after-free vulnerability. An attacker with access to the perf subsystem could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-14351)
It was discovered that the frame buffer implementation in the Linux kernel did not properly handle some edge cases in software scrollback. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-14390)
It was discovered that the netfilter connection tracker for netlink in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25211)
It was discovered that the Rados block device (rbd) driver in the Linux kernel did not properly perform privilege checks for access to rbd devices in some situations. A local attacker could use this to map or unmap rbd block devices. (CVE-2020-25284)
It was discovered that a race condition existed in the hugetlb sysctl implementation in the Linux kernel. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2020-25285)
It was discovered that the block layer subsystem in the Linux kernel did not properly handle zero-length requests. A local attacker could use this to cause a denial of service. (CVE-2020-25641)
It was discovered that the HDLC PPP implementation in the Linux kernel did not properly validate input in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-25643)
It was discovered that the GENEVE tunnel implementation in the Linux kernel when combined with IPSec did not properly select IP routes in some situations. An attacker could use this to expose sensitive information (unencrypted network traffic). (CVE-2020-25645)
It was discovered that the framebuffer implementation in the Linux kernel did not properly perform range checks in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-28915)
It was discovered that Power 9 processors could be coerced to expose information from the L1 cache in certain situations. A local attacker could use this to expose sensitive information. (CVE-2020-4788)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4660-1) (OID:1.3.6.1.4.1.25623.1.0.844745)
Version used: 2021-07-12T02:00:56Z
The remote host is missing an update for the 'python2.7' package(s) announced via the USN-4581-1 advisory.
Vulnerable package: python3.6 Installed version: 3.6.5-3 Fixed version: 3.6.9-1~18.04ubuntu1.3 Vulnerable package: python3.6-minimal Installed version: 3.6.5-3 Fixed version: 3.6.9-1~18.04ubuntu1.3
Solution type:VendorFix
Please install the updated package(s).
'python2.7' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that Python incorrectly handled certain character sequences. A remote attacker could possibly use this issue to perform CRLF injection.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for python2.7 (USN-4581-1) (OID:1.3.6.1.4.1.25623.1.0.844652)
Version used: 2021-07-12T02:00:56Z
The host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow attackers to cause some unspecified impacts.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE version 1.6.0.141 and earlier, 1.7.0.131 and earlier, 1.8.0.121 and earlier on Linux.
Multiple flaws exist due to multiple unspecified errors in 'AWT', 'JCE', 'JAXP', 'Networking', 'Security' and 'Deployment' sub-components.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (cpuapr2017-3236618) 01 - Linux (OID:1.3.6.1.4.1.25623.1.0.108382)
Version used: 2020-10-29T15:35:19Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'apport' package(s) announced via the USN-4449-1 advisory.
Vulnerable package: apport Installed version: 2.20.9-0ubuntu7.3 Fixed version: 2.20.9-0ubuntu7.16 Vulnerable package: python3-apport Installed version: 2.20.9-0ubuntu7.3 Fixed version: 2.20.9-0ubuntu7.16
Solution type:VendorFix
Please install the updated package(s).
'apport' package(s) on Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Ryota Shiga discovered that Apport incorrectly dropped privileges when making certain D-Bus calls. A local attacker could use this issue to read arbitrary files. (CVE-2020-11936)
Seong-Joong Kim discovered that Apport incorrectly parsed configuration files. A local attacker could use this issue to cause Apport to crash, resulting in a denial of service. (CVE-2020-15701)
Ryota Shiga discovered that Apport incorrectly implemented certain checks. A local attacker could use this issue to escalate privileges and run arbitrary code. (CVE-2020-15702)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for apport (USN-4449-1) (OID:1.3.6.1.4.1.25623.1.0.844529)
Version used: 2021-07-12T11:00:45Z
The remote host is missing an update for the 'linux' package(s) announced via the referenced advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.36.38
Solution type:VendorFix
Please install the updated packages.
linux on Ubuntu 18.04 LTS
Jann Horn discovered that the vmacache subsystem did not properly handle sequence number overflows, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2018-17182)
It was discovered that the paravirtualization implementation in the Linux kernel did not properly handle some indirect calls, reducing the effectiveness of Spectre v2 mitigations for paravirtual guests. A local attacker could use this to expose sensitive information. (CVE-2018-15594)
It was discovered that microprocessors utilizing speculative execution and prediction of return addresses via Return Stack Buffer (RSB) may allow unauthorized memory reads via sidechannel attacks. An attacker could use this to expose sensitive information. (CVE-2018-15572)
Andy Lutomirski and Mika Penttil discovered that the KVM implementation in the Linux kernel did not properly check privilege levels when emulating some instructions. An unprivileged attacker in a guest VM could use this to escalate privileges within the guest. (CVE-2018-10853)
It was discovered that a stack-based buffer overflow existed in the iSCSI target implementation of the Linux kernel. A remote attacker could use this to cause a denial of service (system crash). (CVE-2018-14633)
It was discovered that a memory leak existed in the IRDA subsystem of the Linux kernel. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2018-6554)
It was discovered that a use-after-free vulnerability existed in the IRDA implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-6555)
Checks if a vulnerable version is present on the target host.
Details: Ubuntu Update for linux USN-3777-1 (OID:1.3.6.1.4.1.25623.1.0.843647)
Version used: 2021-06-03T02:00:18Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-3836-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.42.44
Solution type:VendorFix
Please install the updated package(s).
linux on Ubuntu 18.04 LTS.
Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. (CVE-2018-18955)
Philipp Wendler discovered that the overlayfs implementation in the Linux kernel did not properly verify the directory contents permissions from within a unprivileged user namespace. A local attacker could use this to expose sensitive information (protected file names). (CVE-2018-6559)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-3836-1 (OID:1.3.6.1.4.1.25623.1.0.843843)
Version used: 2021-06-04T02:00:20Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4345-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.99.89
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address mode. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2020-11884)
It was discovered that the Intel Wi-Fi driver in the Linux kernel did not properly check for errors in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-16234)
Tristan Madani discovered that the block I/O tracing implementation in the Linux kernel contained a race condition. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2019-19768)
It was discovered that the vhost net driver in the Linux kernel contained a stack buffer overflow. A local attacker with the ability to perform ioctl() calls on /dev/vhost-net could use this to cause a denial of service (system crash). (CVE-2020-10942)
It was discovered that the OV51x USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11608)
It was discovered that the STV06XX USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11609)
It was discovered that the Xirlink C-It USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11668)
It was discovered that the virtual terminal implementation in the Linux kernel contained a race condition. A local attacker could possibly use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2020-8648)
Jordy Zomer discovered that the floppy driver in the Linux kernel did not properly check for errors in some situations. A local attacker could possibly use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2020-9383)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4345-1) (OID:1.3.6.1.4.1.25623.1.0.844406)
Version used: 2021-07-09T02:00:48Z
The host is installed with Oracle Java SE JRE and is prone to multiple unspecified vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch
Successful exploitation will allow attackers to have an impact on confidentiality, integrity, and availability via different vectors.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 7 update 85 and prior, 8 update 60 and prior on Linux.
Multiple flaws are due to multiple unspecified errors.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Multiple Unspecified Vulnerabilities-03 Oct 2015 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108402)
Version used: 2018-10-12T11:22:41Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The host is installed with Oracle Java SE and is prone to multiple unspecified vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow remote users to cause denial of service conditions on the target system, a remote or local user can obtain elevated privileges on the target system.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 7 update 101 and prior, and 8 update 92 and prior on Linux.
Multiple flaws are due to:
- A flaw in the Hotspot component.
- A flaw in the JavaFX component.
- A flaw in the Deployment component.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Multiple Unspecified Vulnerabilities-02 July 2016 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108386)
Version used: 2019-05-17T10:45:27Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'linux' package(s) announced via the USN-5003-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.147.134
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS.
Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. (CVE-2021-3609)
It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code. (CVE-2021-3600)
Or Cohen discovered that the SCTP implementation in the Linux kernel contained a race condition in some situations, leading to a use-after-free condition. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23133)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-5003-1) (OID:1.3.6.1.4.1.25623.1.0.844987)
Version used: 2021-07-07T14:24:04Z
The remote host is missing an update for the 'cpio' package(s) announced via the USN-4176-1 advisory.
Vulnerable package: cpio Installed version: 2.12+dfsg-6 Fixed version: 2.12+dfsg-6ubuntu0.18.04.1
Solution type:VendorFix
Please install the updated package(s).
'cpio' package(s) on Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Thomas Habets discovered that GNU cpio incorrectly handled certain inputs. An attacker could possibly use this issue to access sensitive information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for cpio USN-4176-1 (OID:1.3.6.1.4.1.25623.1.0.844226)
Version used: 2020-01-14T08:22:37Z
The host is installed with Oracle Java SE and is prone to multiple security vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow remote attacker to have an impact on confidentiality, integrity and availability.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
Oracle Java SE version 7u241 (1.7.0.241) and earlier, 8u231 (1.8.0.231) and earlier, 11.0.5 and earlier, 13.0.1 on Linux.
Multiple flaws are due to errors in components Serialization, JavaFX (libxslt), Networking, Libraries and Security.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates(jan2020) 01 - Linux (OID:1.3.6.1.4.1.25623.1.0.816603)
Version used: 2020-05-12T13:57:17Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'libzstd' package(s) announced via the USN-4108-1 advisory.
Vulnerable package: libzstd1 Installed version: 1.3.3+dfsg-2ubuntu1 Fixed version: 1.3.3+dfsg-2ubuntu1.1
Solution type:VendorFix
Please install the updated package(s).
'libzstd' package(s) on Ubuntu 18.04 LTS.
It was discovered that Zstandard incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for libzstd USN-4108-1 (OID:1.3.6.1.4.1.25623.1.0.844150)
Version used: 2019-08-28T11:48:42Z
The host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation of this vulnerability will allow attackers to cause some unspecified impacts.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE version 1.6.0.131 and earlier, 1.7.0.121 and earlier, 1.8.0.112 and earlier on Linux.
Multiple flaws exist due to multiple unspecified errors in 'Libraries', 'RMI', '2D', 'JAAS', 'Networking' and 'Deployment' sub-components.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jan2017-2881727) 01 - Linux (OID:1.3.6.1.4.1.25623.1.0.108372)
Version used: 2020-10-29T15:35:19Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
Atlassian JIRA is prone to multiple vulnerabilities.
Installed version: 6.3 Fixed version: 7.1.9
Solution type:VendorFix
Update to version 7.1.9 or later.
Atlassian JIRA before 7.1.9.
Atlassian JIRA is prone to multiple vulnerabilities:
- XSS vulnerability in project/ViewDefaultProjectRoleActors.jspa via a role name. (CVE-2016-4318)
- CSRF vulnerability in /auditing/settings. (CVE-2016-4319)
Checks if a vulnerable version is present on the target host.
Details: Atlassian JIRA Multiple Vulnerabilities (OID:1.3.6.1.4.1.25623.1.0.106761)
Version used: 2018-10-26T06:33:36Z
The host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation of this vulnerability will allow attackers to have some unspecified impacts on affected system.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE version 1.7.0.121 and earlier, 1.8.0.112 and earlier on Linux
Multiple flaws exist due to multiple unspecified errors in 'Hotspot', 'Libraries' and 'AWT' sub-components.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jan2017-2881727) 03 - Linux (OID:1.3.6.1.4.1.25623.1.0.108374)
Version used: 2020-10-29T15:35:19Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'file' package(s) announced via the USN-3911-1 advisory.
Vulnerable package: file Installed version: 5.32-2ubuntu0.1 Fixed version: 1:5.32-2ubuntu0.2
Solution type:VendorFix
Please install the updated package(s).
file on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that file incorrectly handled certain malformed ELF files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for file USN-3911-1 (OID:1.3.6.1.4.1.25623.1.0.843936)
Version used: 2019-03-19T10:46:59Z
The host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation of this vulnerability will allow remote attackers to have an impact on confidentiality, integrity and availablility.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE version 1.7.0.141 and earlier, 1.8.0.131 and earlier, on Linux
Multiple flaws exist due to multiple unspecified errors in 'Libraries', 'JavaFX', 'JCE', 'Security' and 'Deployment' component of application.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jul2017-3236622) 03 - Linux (OID:1.3.6.1.4.1.25623.1.0.108377)
Version used: 2020-10-29T15:35:19Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation of this vulnerability will allow remote attacker to have an impact on confidentiality, integrity and availability
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
Oracle Java SE version 7u211(1.7.0.211) and earlier, 8u202(1.8.0.202) and earlier on Linux.
Multiple flaws exist due to multiple errors in '2D' component of the Java SE
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (apr2019-5072813) 02 - Linux (OID:1.3.6.1.4.1.25623.1.0.815105)
Version used: 2020-10-29T15:35:19Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'sqlite3' package(s) announced via the USN-4205-1 advisory.
Vulnerable package: libsqlite3-0 Installed version: 3.22.0-1 Fixed version: 3.22.0-1ubuntu0.2
Solution type:VendorFix
Please install the updated package(s).
'sqlite3' package(s) on Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that SQLite incorrectly handled certain schemas. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM. (CVE-2018-8740)
It was discovered that SQLite incorrectly handled certain schemas. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.04. (CVE-2019-16168)
It was discovered that SQLite incorrectly handled certain schemas. An attacker could possibly use this issue to mishandles some expressions. This issue only affected Ubuntu 19.04 and Ubuntu 19.10. (CVE-2019-19242)
It was discovered that SQLite incorrectly handled certain queries. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 19.04 and Ubuntu 19.10. (CVE-2019-19244)
It was discovered that SQLite incorrectly handled certain SQL commands. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 19.04. (CVE-2019-5018)
It was discovered that SQLite incorrectly handled certain commands. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-5827)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for sqlite3 USN-4205-1 (OID:1.3.6.1.4.1.25623.1.0.844254)
Version used: 2019-12-18T09:57:42Z
The remote host is missing an update for the 'linux-firmware' package(s) announced via the USN-4351-1 advisory.
Vulnerable package: linux-firmware Installed version: 1.173.1 Fixed version: 1.173.18
Solution type:VendorFix
Please install the updated package(s).
'linux-firmware' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Eli Biham and Lior Neumann discovered that certain Bluetooth devices incorrectly validated key exchange parameters. An attacker could possibly use this issue to obtain sensitive information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux-firmware (USN-4351-1) (OID:1.3.6.1.4.1.25623.1.0.844420)
Version used: 2021-07-12T02:00:56Z
The host is installed with Oracle Java SE JRE and is prone to multiple unspecified vulnerabilities.
The target host was found to be vulnerable
Successful exploitation will allow attackers to bypass security restrictions, disclose sensitive information, manipulate certain data, conduct IP spoofing attacks or hijack a mutually authenticated session.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 5 update 71 and prior, 6 update 81 and prior, 7 update 67 and prior, and 8 update 20 and prior on Linux
Multiple flaws exist due to:
- An unspecified error in share/classes/javax/crypto/CipherInputStream.java script related to streaming of input cipher streams.
- An error in share/classes/java/util/ResourceBundle.java script related to property processing and handling of names.
- An error in the 'LogRecord::readObject' function in classes/java/util/logging/LogRecord.java related to handling of resource bundles.
- An error related to the wrapping of datagram sockets in the DatagramSocket implementation.
- An error in share/classes/java/util/logging/Logger.java related to missing permission checks of logger resources.
- An error related to handling of server certificate changes during SSL/TLS renegotiation.
- An error within the 2D subcomponent of the client deployment.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Multiple Unspecified Vulnerabilities-01 Oct 2014 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108411)
Version used: 2020-05-12T13:57:17Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'gnupg2' package(s) announced via the USN-3853-1 advisory.
Vulnerable package: gnupg Installed version: 2.2.4-1ubuntu1.1 Fixed version: 2.2.4-1ubuntu1.2
Solution type:VendorFix
Please install the updated package(s).
gnupg2 on Ubuntu 18.10, Ubuntu 18.04 LTS.
Ben Fuhrmannek discovered that GnuPG incorrectly handled Web Key Directory lookups. A remote attacker could possibly use this issue to cause a denial of service, or perform Cross-Site Request Forgery attacks.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for gnupg2 USN-3853-1 (OID:1.3.6.1.4.1.25623.1.0.843866)
Version used: 2019-03-18T16:34:17Z
The host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation of this vulnerability will allow remote attackers to have an impact on confidentiality, integrity and availablility.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE version 1.6.0.151 and earlier, 1.7.0.141 and earlier, 1.8.0.131 and earlier on Linux.
Multiple flaws exist due to multiple unspecifide errors in 'Security', 'AWT', 'ImageIO', 'JAXP', 'Libraries', 'RMI', 'Hotspot', 'JCE', 'JAX-WS', '2D', 'Serialization', 'Deployment' component of the application.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jul2017-3236622) 01 - Linux (OID:1.3.6.1.4.1.25623.1.0.108375)
Version used: 2020-10-29T15:35:19Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'nettle' package(s) announced via the USN-4906-1 advisory.
Vulnerable package: libnettle6 Installed version: 3.4-1 Fixed version: 3.4-1ubuntu0.1
Solution type:VendorFix
Please install the updated package(s).
'nettle' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that Nettle incorrectly handled signature verification. A remote attacker could use this issue to cause Nettle to crash, resulting in a denial of service, or possibly force invalid signatures.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for nettle (USN-4906-1) (OID:1.3.6.1.4.1.25623.1.0.844894)
Version used: 2021-04-21T07:29:02Z
The host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation of this vulnerability will allow remote attackers to access data.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE version 1.7.0.161 and earlier, 1.8.0.152 and earlier, 9.0.1 and earlier on Linux
Multiple flaws exist due to:
- An error in the 'JGSS' sub-component of application.
- An error in the 'JavaFX' sub-component of application.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jan2018-3236628) 04 - Linux (OID:1.3.6.1.4.1.25623.1.0.108371)
Version used: 2021-06-30T02:00:35Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation of this vulnerability will allow remote attackers to gain elevated privileges, partially access and partially modify data, access sensitive data, obtain sensitive information or cause a denial of service, .
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE version 1.6.0.161 and earlier, 1.7.0.151 and earlier, 1.8.0.144 and earlier, 9.0 on Linux.
Multiple flaws exist due to flaws in the 'Hotspot', 'RMI ', 'Libraries', 'Smart Card IO', 'Security', 'Javadoc', 'JAXP', 'Serialization' and 'Networking' components of the application.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (oct2017-3236626) 02 - Linux (OID:1.3.6.1.4.1.25623.1.0.108379)
Version used: 2020-10-29T15:35:19Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'linux' package(s) announced via the USN-4390-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.106.94
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2020-0067)
It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. (CVE-2020-0543)
Piotr Krysiuk discovered that race conditions existed in the file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-12114)
It was discovered that the USB susbsystem's scatter-gather implementation in the Linux kernel did not properly take data references in some situations, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-12464)
Xiumei Mu discovered that the IPSec implementation in the Linux kernel did not properly encrypt IPv6 traffic in some situations. An attacker could use this to expose sensitive information. (CVE-2020-1749)
Dmitry Vyukov discovered that the SELinux netlink security hook in the Linux kernel did not validate messages in some situations. A privileged attacker could use this to bypass SELinux netlink restrictions. (CVE-2020-10751)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4390-1) (OID:1.3.6.1.4.1.25623.1.0.844465)
Version used: 2021-07-12T02:00:56Z
The remote host is missing an update for the 'e2fsprogs' package(s) announced via the USN-4249-1 advisory.
Vulnerable package: e2fsprogs Installed version: 1.44.1-1 Fixed version: 1.44.1-1ubuntu1.3
Solution type:VendorFix
Please install the updated package(s).
'e2fsprogs' package(s) on Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. An attacker could possibly use this issue to execute arbitrary code.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for e2fsprogs USN-4249-1 (OID:1.3.6.1.4.1.25623.1.0.844307)
Version used: 2021-07-12T02:00:56Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4426-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.112.100
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Jason A. Donenfeld discovered that the ACPI implementation in the Linux kernel did not properly restrict loading SSDT code from an EFI variable. A privileged attacker could use this to bypass Secure Boot lockdown restrictions and execute arbitrary code in the kernel. (CVE-2019-20908)
Fan Yang discovered that the mremap implementation in the Linux kernel did not properly handle DAX Huge Pages. A local attacker with access to DAX storage could use this to gain administrative privileges. (CVE-2020-10757)
Mauricio Faria de Oliveira discovered that the aufs implementation in the Linux kernel improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service. (CVE-2020-11935)
Jason A. Donenfeld discovered that the ACPI implementation in the Linux kernel did not properly restrict loading ACPI tables via configfs. A privileged attacker could use this to bypass Secure Boot lockdown restrictions and execute arbitrary code in the kernel. (CVE-2020-15780)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4426-1) (OID:1.3.6.1.4.1.25623.1.0.844500)
Version used: 2021-07-13T02:01:14Z
The remote host is missing an update for the 'python-urllib3' package(s) announced via the USN-4570-1 advisory.
Vulnerable package: python3-urllib3 Installed version: 1.22-1 Fixed version: 1.22-1ubuntu0.18.04.2
Solution type:VendorFix
Please install the updated package(s).
'python-urllib3' package(s) on Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that urllib3 incorrectly handled certain character sequences. A remote attacker could possibly use this issue to perform CRLF injection.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for python-urllib3 (USN-4570-1) (OID:1.3.6.1.4.1.25623.1.0.844638)
Version used: 2021-07-13T02:01:14Z
The remote host is missing an update for the 'freetype' package(s) announced via the USN-4593-1 advisory.
Vulnerable package: libfreetype6 Installed version: 2.8.1-2ubuntu2 Fixed version: 2.8.1-2ubuntu2.1
Solution type:VendorFix
Please install the updated package(s).
'freetype' package(s) on Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for freetype (USN-4593-1) (OID:1.3.6.1.4.1.25623.1.0.844664)
Version used: 2021-07-12T02:00:56Z
The remote host is missing an update for the 'accountsservice' package(s) announced via the USN-4616-1 advisory.
Vulnerable package: accountsservice Installed version: 0.6.45-1ubuntu1 Fixed version: 0.6.45-1ubuntu1.3 Vulnerable package: libaccountsservice0 Installed version: 0.6.45-1ubuntu1 Fixed version: 0.6.45-1ubuntu1.3
Solution type:VendorFix
Please install the updated package(s).
'accountsservice' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Kevin Backhouse discovered that AccountsService incorrectly dropped privileges. A local user could possibly use this issue to cause AccountsService to crash or hang, resulting in a denial of service. (CVE-2020-16126)
Kevin Backhouse discovered that AccountsService incorrectly handled reading .pam_environment files. A local user could possibly use this issue to cause AccountsService to crash or hang, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2020-16127)
Matthias Gerstner discovered that AccountsService incorrectly handled certain path checks. A local attacker could possibly use this issue to read arbitrary files. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-14036)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for accountsservice (USN-4616-1) (OID:1.3.6.1.4.1.25623.1.0.844694)
Version used: 2021-07-09T02:00:48Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4318-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.96.87
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Al Viro discovered that the vfs layer in the Linux kernel contained a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-8428)
Gustavo Romero and Paul Mackerras discovered that the KVM implementation in the Linux kernel for PowerPC processors did not properly keep guest state separate from host state. A local attacker in a KVM guest could use this to cause a denial of service (host system crash). (CVE-2020-8834)
Shijie Luo discovered that the ext4 file system implementation in the Linux kernel did not properly check for a too-large journal size. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (soft lockup). (CVE-2020-8992)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4318-1) (OID:1.3.6.1.4.1.25623.1.0.844383)
Version used: 2021-07-13T02:01:14Z
The remote host is missing an update for the 'libmspack' package(s) announced via the USN-3814-1 advisory.
Vulnerable package: libmspack0 Installed version: 0.6-3ubuntu0.1 Fixed version: 0.6-3ubuntu0.2
Solution type:VendorFix
Please install the updated package(s).
libmspack on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered libmspack incorrectly handled certain malformed CAB files. A remote attacker could use this issue to cause libmspack to crash, resulting in a denial of service. (CVE-2018-18584, CVE-2018-18585)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for libmspack USN-3814-1 (OID:1.3.6.1.4.1.25623.1.0.843813)
Version used: 2021-06-07T02:00:27Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4302-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.91.83
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested (level 2) guest access the resources of a parent (level 1) guest in certain situations. An attacker could use this to expose sensitive information. (CVE-2020-2732)
Gregory Herrero discovered that the fix for CVE-2019-14615 to address the Linux kernel not properly clearing data structures on context switches for certain Intel graphics processors was incomplete. A local attacker could use this to expose sensitive information. (CVE-2020-8832)
It was discovered that the IPMI message handler implementation in the Linux kernel did not properly deallocate memory in certain situations. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19046)
It was discovered that the Intel WiMAX 2400 driver in the Linux kernel did not properly deallocate memory in certain situations. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19051)
It was discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to possibly cause a denial of service (kernel memory exhaustion). (CVE-2019-19056)
It was discovered that the Intel(R) Wi-Fi device driver in the Linux kernel device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19058)
It was discovered that the Brocade BFA Fibre Channel device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19066)
It was discovered that the Realtek RTL8xxx USB Wi-Fi device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19068)
It was discovered that ZR364XX Camera USB device driver for the Linux kernel did not properly initialize memory. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15217)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4302-1) (OID:1.3.6.1.4.1.25623.1.0.844364)
Version used: 2021-07-09T02:00:48Z
The remote host is missing an update for the 'python3.7' package(s) announced via the USN-4333-1 advisory.
Vulnerable package: python3.6 Installed version: 3.6.5-3 Fixed version: 3.6.9-1~18.04ubuntu1 Vulnerable package: python3.6-minimal Installed version: 3.6.5-3 Fixed version: 3.6.9-1~18.04ubuntu1
Solution type:VendorFix
Please install the updated package(s).
'python3.7' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. (CVE-2019-18348)
It was discovered that Python incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-8492)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for python3.7 (USN-4333-1) (OID:1.3.6.1.4.1.25623.1.0.844398)
Version used: 2021-07-13T02:01:14Z
The remote host is missing an update for the 'python2.7' package(s) announced via the USN-4127-1 advisory.
Vulnerable package: python3.6 Installed version: 3.6.5-3 Fixed version: 3.6.8-1~18.04.2 Vulnerable package: python3.6-minimal Installed version: 3.6.5-3 Fixed version: 3.6.8-1~18.04.2
Solution type:VendorFix
Please install the updated package(s).
'python2.7' package(s) on Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that Python incorrectly handled certain pickle files. An attacker could possibly use this issue to consume memory, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-20406)
It was discovered that Python incorrectly validated the domain when handling cookies. An attacker could possibly trick Python into sending cookies to the wrong domain. (CVE-2018-20852)
Jonathan Birch and Panayiotis Panayiotou discovered that Python incorrectly handled Unicode encoding during NFKC normalization. An attacker could possibly use this issue to obtain sensitive information. (CVE-2019-9636, CVE-2019-10160)
Colin Read and Nicolas Edet discovered that Python incorrectly handled parsing certain X509 certificates. An attacker could possibly use this issue to cause Python to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-5010)
It was discovered that Python incorrectly handled certain urls. A remote attacker could possibly use this issue to perform CRLF injection attacks. (CVE-2019-9740, CVE-2019-9947)
Sihoon Lee discovered that Python incorrectly handled the local_file: scheme. A remote attacker could possibly use this issue to bypass blacklist meschanisms. (CVE-2019-9948)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for python2.7 USN-4127-1 (OID:1.3.6.1.4.1.25623.1.0.844168)
Version used: 2019-09-10T08:05:24Z
The remote host is missing an update for the 'libgcrypt20' package(s) announced via the USN-4236-1 advisory.
Vulnerable package: libgcrypt20 Installed version: 1.8.1-4ubuntu1.1 Fixed version: 1.8.1-4ubuntu1.2
Solution type:VendorFix
Please install the updated package(s).
'libgcrypt20' package(s) on Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS.
It was discovered that Libgcrypt was susceptible to a ECDSA timing attack. An attacker could possibly use this attack to recover sensitive information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for libgcrypt20 USN-4236-1 (OID:1.3.6.1.4.1.25623.1.0.844291)
Version used: 2021-07-12T11:00:45Z
The remote host is missing an update for the 'apport' package(s) announced via the USN-4171-3 advisory.
Vulnerable package: apport Installed version: 2.20.9-0ubuntu7.3 Fixed version: 2.20.9-0ubuntu7.9 Vulnerable package: python3-apport Installed version: 2.20.9-0ubuntu7.3 Fixed version: 2.20.9-0ubuntu7.9
Solution type:VendorFix
Please install the updated package(s).
'apport' package(s) on Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression in the Python Apport library. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly crash Apport or have other unspecified consequences. (CVE-2019-11481)
Sander Bos discovered a race-condition in Apport during core dump creation. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. (CVE-2019-11482)
Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. (CVE-2019-11483)
Sander Bos discovered Apport mishandled lock-file creation. This could be used by a local attacker to cause a denial of service against Apport. (CVE-2019-11485)
Kevin Backhouse discovered Apport read various process-specific files with elevated privileges during crash dump generation. This could could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. (CVE-2019-15790)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for apport USN-4171-3 (OID:1.3.6.1.4.1.25623.1.0.844222)
Version used: 2020-05-18T07:36:25Z
The remote host is missing an update for the 'apport' package(s) announced via the USN-4171-1 advisory.
Vulnerable package: apport Installed version: 2.20.9-0ubuntu7.3 Fixed version: 2.20.9-0ubuntu7.8 Vulnerable package: python3-apport Installed version: 2.20.9-0ubuntu7.3 Fixed version: 2.20.9-0ubuntu7.8
Solution type:VendorFix
Please install the updated package(s).
'apport' package(s) on Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly crash Apport or have other unspecified consequences. (CVE-2019-11481)
Sander Bos discovered a race-condition in Apport during core dump creation. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. (CVE-2019-11482)
Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. (CVE-2019-11483)
Sander Bos discovered Apport mishandled lock-file creation. This could be used by a local attacker to cause a denial of service against Apport. (CVE-2019-11485)
Kevin Backhouse discovered Apport read various process-specific files with elevated privileges during crash dump generation. This could could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. (CVE-2019-15790)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for apport USN-4171-1 (OID:1.3.6.1.4.1.25623.1.0.844217)
Version used: 2020-05-18T07:36:25Z
The remote host is missing an update for the 'python-cryptography' package(s) announced via the USN-4613-1 advisory.
Vulnerable package: python3-cryptography Installed version: 2.1.4-1ubuntu1.2 Fixed version: 2.1.4-1ubuntu1.4
Solution type:VendorFix
Please install the updated package(s).
'python-cryptography' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Hubert Kario discovered that python-cryptography incorrectly handled certain decryption. An attacker could possibly use this issue to expose sensitive information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for python-cryptography (USN-4613-1) (OID:1.3.6.1.4.1.25623.1.0.844693)
Version used: 2021-07-13T02:01:14Z
The remote host is missing an update for the 'openssl' package(s) announced via the USN-3840-1 advisory.
Vulnerable package: libssl1.0.0 Installed version: 1.0.2n-1ubuntu5.1 Fixed version: 1.0.2n-1ubuntu5.2
Solution type:VendorFix
Please install the updated package(s).
openssl on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS.
Samuel Weiser discovered that OpenSSL incorrectly handled DSA signing. An attacker could possibly use this issue to perform a timing side-channel attack and recover private DSA keys. (CVE-2018-0734)
Samuel Weiser discovered that OpenSSL incorrectly handled ECDSA signing. An attacker could possibly use this issue to perform a timing side-channel attack and recover private ECDSA keys. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-0735)
Billy Bob Brumley, Cesar Pereida Garcia, Sohaib ul Hassan, Nicola Tuveri, and Alejandro Cabrera Aldaya discovered that Simultaneous Multithreading (SMT) architectures are vulnerable to side-channel leakage. This issue is known as 'PortSmash'. An attacker could possibly use this issue to perform a timing side-channel attack and recover private keys. (CVE-2018-5407)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for openssl USN-3840-1 (OID:1.3.6.1.4.1.25623.1.0.843848)
Version used: 2021-06-03T11:00:21Z
The remote host is missing an update for the 'openssl' package(s) announced via the USN-4662-1 advisory.
Vulnerable package: libssl1.0.0 Installed version: 1.0.2n-1ubuntu5.1 Fixed version: 1.0.2n-1ubuntu5.5
Solution type:VendorFix
Please install the updated package(s).
'openssl' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
David Benjamin discovered that OpenSSL incorrectly handled comparing certificates containing a EDIPartyName name type. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for openssl (USN-4662-1) (OID:1.3.6.1.4.1.25623.1.0.844748)
Version used: 2021-07-13T02:01:14Z
The host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow remote attackers to modify data, partially access data, cause partial denial of service conditions.
Solution type:VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.
Oracle Java SE version 1.8.0.172 and earlier, 1.7.0.181 and earlier, 1.6.0.191 and earlier and 10.0 through 10.0.1 on Linux
Multiple flaws are due to multiple unspecified errors in components 'Libraries', 'JSSE' and 'Concurrency'.
Check if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates-02 (jul2018-4258247) Linux (OID:1.3.6.1.4.1.25623.1.0.813683)
Version used: 2021-06-30T02:00:35Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation of this vulnerability will allow attackers to partially access data and cause a partial denial of service conditions.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE version 1.7.0.151 and earlier, 1.8.0.144 and earlier, 9.0 on Linux
Multiple flaws exist due to a flaw in 'JAX-WS' component of the application.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (oct2017-3236626) 04 - Linux (OID:1.3.6.1.4.1.25623.1.0.108381)
Version used: 2020-10-29T15:35:19Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'openssh' package(s) announced via the USN-3885-1 advisory.
Vulnerable package: openssh-client Installed version: 7.6p1-4 Fixed version: 1:7.6p1-4ubuntu0.2
Solution type:VendorFix
Please install the updated package(s).
openssh on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS.
Harry Sintonen discovered multiple issues in the OpenSSH scp utility. If a user or automated system were tricked into connecting to an untrusted server, a remote attacker could possibly use these issues to write to arbitrary files, change directory permissions, and spoof client output.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for openssh USN-3885-1 (OID:1.3.6.1.4.1.25623.1.0.843902)
Version used: 2019-03-18T16:34:17Z
The host is installed with Oracle Java SE JRE and is prone to some unspecified vulnerability.
Installed version: 1.7.0update_25 Fixed version: Apply the patch
Successful exploitation will allow attackers to have an impact on confidentiality, integrity, and via unknown vectors.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 7 update 85 and prior on Linux.
The flaw is due to an unspecified error.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Unspecified Vulnerability Oct 2015 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108408)
Version used: 2018-10-12T11:22:41Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow remote attacker to have an impact on confidentiality, integrity and availability.
Solution type:VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.
Oracle Java SE version 7u221(1.7.0.221) and earlier, 8u212(1.8.0.212) and earlier, 11.0.2 and earlier, 12.0.1 and earlier on Linux.
Multiple flaws exist due to errors in 'AWT (libpng)', 'Utilities' and 'Networking' components.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jul2019-5072835) 03 - Linux (OID:1.3.6.1.4.1.25623.1.0.815180)
Version used: 2020-05-12T13:57:17Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'openssh' package(s) announced via the USN-3885-2 advisory.
Vulnerable package: openssh-client Installed version: 7.6p1-4 Fixed version: 1:7.6p1-4ubuntu0.3
Solution type:VendorFix
Please install the updated package(s).
openssh on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS.
USN-3885-1 fixed vulnerabilities in OpenSSH. It was discovered that the fix for CVE-2019-6111 turned out to be incomplete. This update fixes the problem.
Original advisory details:
Harry Sintonen discovered multiple issues in the OpenSSH scp utility. If a user or automated system were tricked into connecting to an untrusted server, a remote attacker could possibly use these issues to write to arbitrary files, change directory permissions, and spoof client output.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for openssh USN-3885-2 (OID:1.3.6.1.4.1.25623.1.0.843922)
Version used: 2019-03-18T16:34:17Z
The host is installed with Oracle Java SE and is prone to multiple security vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow remote attacker to have an impact on confidentiality, integrity and availability.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
Oracle Java SE version 7u271 (1.7.0.271) and earlier, 8u261 (1.8.0.261) and earlier, 11.0.8 and earlier, 15 on Linux.
Multiple flaws are due to errors in components Libraries, JSSE, Hotspot, Serialization and JNDI.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates(oct2020) 01-Linux (OID:1.3.6.1.4.1.25623.1.0.817611)
Version used: 2020-10-30T09:58:42Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'apt' package(s) announced via the USN-4667-1 advisory.
Vulnerable package: apt Installed version: 1.6.3ubuntu0.1 Fixed version: 1.6.12ubuntu0.2
Solution type:VendorFix
Please install the updated package(s).
'apt' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Kevin Backhouse discovered that APT incorrectly handled certain packages. A local attacker could possibly use this issue to cause APT to crash or stop responding, resulting in a denial of service.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for apt (USN-4667-1) (OID:1.3.6.1.4.1.25623.1.0.844751)
Version used: 2021-07-12T11:00:45Z
The host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow attackers to gain elevated privileges, cause partial denial of service conditions, partially modify and access data.
Solution type:VendorFix
Apply the patch from Reference link
Oracle Java SE version 1.6.0 to 1.6.0.201, 1.7.0 to 1.7.0.191, 1.8.0 to 1.8.0.182, and 11 on Linux.
Multiple flaws are due to errors in components 'JNDI', 'Deployment (libpng)', 'Security', 'Networking' and 'JSSE'.
Check if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates-03 (oct2018-4428296) Linux (OID:1.3.6.1.4.1.25623.1.0.814405)
Version used: 2021-06-30T02:00:35Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'dbus' package(s) announced via the USN-4398-1 advisory.
Vulnerable package: dbus Installed version: 1.12.2-1ubuntu1 Fixed version: 1.12.2-1ubuntu1.2 Vulnerable package: libdbus-1-3 Installed version: 1.12.2-1ubuntu1 Fixed version: 1.12.2-1ubuntu1.2
Solution type:VendorFix
Please install the updated package(s).
'dbus' package(s) on Ubuntu 20.04 LTS, Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Kevin Backhouse discovered that DBus incorrectly handled file descriptors. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for dbus (USN-4398-1) (OID:1.3.6.1.4.1.25623.1.0.844471)
Version used: 2021-07-09T11:00:55Z
The remote host is missing an update for the 'software-properties' package(s) announced via the USN-4457-1 advisory.
Vulnerable package: python3-software-properties Installed version: 0.96.24.32.5 Fixed version: 0.96.24.32.14 Vulnerable package: software-properties-common Installed version: 0.96.24.32.5 Fixed version: 0.96.24.32.14
Solution type:VendorFix
Please install the updated package(s).
'software-properties' package(s) on Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Jason A. Donenfeld discovered that Software Properties incorrectly filtered certain escape sequences when displaying PPA descriptions. If a user were tricked into adding an arbitrary PPA, a remote attacker could possibly manipulate the screen.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for software-properties (USN-4457-1) (OID:1.3.6.1.4.1.25623.1.0.844534)
Version used: 2021-07-09T11:00:55Z
The remote host is missing an update for the 'apport' package(s) announced via the USN-4315-1 advisory.
Vulnerable package: apport Installed version: 2.20.9-0ubuntu7.3 Fixed version: 2.20.9-0ubuntu7.14 Vulnerable package: python3-apport Installed version: 2.20.9-0ubuntu7.3 Fixed version: 2.20.9-0ubuntu7.14
Solution type:VendorFix
Please install the updated package(s).
'apport' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Maximilien Bourgeteau discovered that the Apport lock file was created with insecure permissions. This could allow a local attacker to escalate their privileges via a symlink attack. (CVE-2020-8831)
Maximilien Bourgeteau discovered a race condition in Apport when setting crash report permissions. This could allow a local attacker to read arbitrary files via a symlink attack. (CVE-2020-8833)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for apport (USN-4315-1) (OID:1.3.6.1.4.1.25623.1.0.844379)
Version used: 2021-07-09T02:00:48Z
The remote host is missing an update for the 'intel-microcode' package(s) announced via the USN-4385-2 advisory.
Vulnerable package: intel-microcode Installed version: 3.20180807a.0ubuntu0.18.04.1 Fixed version: 3.20200609.0ubuntu0.18.04.1
Solution type:VendorFix
Please install the updated package(s).
'intel-microcode' package(s) on Ubuntu 20.04 LTS, Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN-4385-1 provided updated Intel Processor Microcode. Unfortunately, that update prevented certain processors in the Intel Skylake family (06_4EH) from booting successfully. Additionally, on Ubuntu 20.04 LTS, late loading of microcode was enabled, which could lead to system instability. This update reverts the microcode update for the Skylake processor family and disables the late loading option on Ubuntu 20.04 LTS.
Please note that the 'dis_ucode_ldr' kernel command line option can be added in the boot menu to disable microcode loading for system recovery.
We apologize for the inconvenience.
Original advisory details:
It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. (CVE-2020-0543)
It was discovered that on some Intel processors, partial data values previously read from a vector register on a physical core may be propagated into unused portions of the store buffer. A local attacker could possible use this to expose sensitive information. (CVE-2020-0548)
It was discovered that on some Intel processors, data from the most recently evicted modified L1 data cache (L1D) line may be propagated into an unused (invalid) L1D fill buffer. A local attacker could possibly use this to expose sensitive information. (CVE-2020-0549)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for intel-microcode (USN-4385-2) (OID:1.3.6.1.4.1.25623.1.0.844468)
Version used: 2021-07-12T11:00:45Z
The remote host is missing an update for the 'apt' package(s) announced via the USN-4359-1 advisory.
Vulnerable package: apt Installed version: 1.6.3ubuntu0.1 Fixed version: 1.6.12ubuntu0.1
Solution type:VendorFix
Please install the updated package(s).
'apt' package(s) on Ubuntu 20.04 LTS, Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that APT incorrectly handled certain filenames during package installation. If an attacker could provide a specially crafted package to be installed by the system administrator, this could cause APT to crash.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for apt (USN-4359-1) (OID:1.3.6.1.4.1.25623.1.0.844428)
Version used: 2021-07-13T02:01:14Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4694-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.132.119
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4694-1) (OID:1.3.6.1.4.1.25623.1.0.844786)
Version used: 2021-01-25T07:41:52Z
The remote host is missing an update for the 'intel-microcode' package(s) announced via the USN-4385-1 advisory.
Vulnerable package: intel-microcode Installed version: 3.20180807a.0ubuntu0.18.04.1 Fixed version: 3.20200609.0ubuntu0.18.04.0
Solution type:VendorFix
Please install the updated package(s).
'intel-microcode' package(s) on Ubuntu 20.04 LTS, Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. (CVE-2020-0543)
It was discovered that on some Intel processors, partial data values previously read from a vector register on a physical core may be propagated into unused portions of the store buffer. A local attacker could possible use this to expose sensitive information. (CVE-2020-0548)
It was discovered that on some Intel processors, data from the most recently evicted modified L1 data cache (L1D) line may be propagated into an unused (invalid) L1D fill buffer. A local attacker could possibly use this to expose sensitive information. (CVE-2020-0549)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for intel-microcode (USN-4385-1) (OID:1.3.6.1.4.1.25623.1.0.844463)
Version used: 2021-07-12T02:00:56Z
The remote host is missing an update for the 'intel-microcode' package(s) announced via the USN-4628-2 advisory.
Vulnerable package: intel-microcode Installed version: 3.20180807a.0ubuntu0.18.04.1 Fixed version: 3.20201110.0ubuntu0.18.04.2
Solution type:VendorFix
Please install the updated package(s).
'intel-microcode' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN-4628-1 provided updated Intel Processor Microcode. Unfortunately, that update prevented certain processors in the Intel Tiger Lake family from booting successfully. This update reverts the microcode update for the Tiger Lake processor family.
Please note that the 'dis_ucode_ldr' kernel command line option can be added in the boot menu to disable microcode loading for system recovery.
We apologize for the inconvenience.
Original advisory details:
Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit (RAPL) feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8695)
Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly remove sensitive information before storage or transfer in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8696)
Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly isolate shared resources in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8698)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for intel-microcode (USN-4628-2) (OID:1.3.6.1.4.1.25623.1.0.844711)
Version used: 2021-07-12T11:00:45Z
The remote host is missing an update for the 'intel-microcode' package(s) announced via the USN-4628-1 advisory.
Vulnerable package: intel-microcode Installed version: 3.20180807a.0ubuntu0.18.04.1 Fixed version: 3.20201110.0ubuntu0.18.04.1
Solution type:VendorFix
Please install the updated package(s).
'intel-microcode' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit (RAPL) feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8695)
Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly remove sensitive information before storage or transfer in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8696)
Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly isolate shared resources in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8698)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for intel-microcode (USN-4628-1) (OID:1.3.6.1.4.1.25623.1.0.844709)
Version used: 2021-07-12T02:00:56Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4627-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.123.110
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit (RAPL) driver in the Linux kernel did not properly restrict access to power data. A local attacker could possibly use this to expose sensitive information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4627-1) (OID:1.3.6.1.4.1.25623.1.0.844706)
Version used: 2021-07-12T02:00:56Z
The host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow remote attackers to affect availability via unknown vectors.
Solution type:VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.
Oracle Java SE version 1.8.0.162 and earlier, 1.7.0.171 and earlier, 10.0 on Linux.
Multiple flaws are due to multiple unspecified errors in 'Concurrency' and 'JAXP' components of Java SE.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (apr2018-3678067) 05 - Linux (OID:1.3.6.1.4.1.25623.1.0.813311)
Version used: 2021-06-30T11:00:43Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The host is installed with Oracle Java SE and is prone to a denial-of-service vulnerability.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation of this vulnerability will allow remote attackers to conduct a denial-of-service condition.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE version 1.6.0.171 and earlier, 1.7.0.161 and earlier on Linux.
The flaw exists due to an error in the 'Serialization' sub-component of the application.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jan2018-3236628) 01 - Linux (OID:1.3.6.1.4.1.25623.1.0.108368)
Version used: 2021-06-30T02:00:35Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The host is installed with Oracle Java SE and is prone to a security bypass vulnerability.
Installed version: 1.7.0update_25 Fixed version: Java SE 7u51 Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow remote attackers to inject malicious unsigned bytecode into a signed JAR without failing jarsigner verification.
Solution type:VendorFix
Upgrade to Oracle Java SE version 7u51 or later. Please see the references for more information.
Oracle Java SE version before 7u51 on Linux.
The flaw is due to jarsigner does not detect unsigned bytecode injected into signed jars.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE 'jarsigner' Security Bypass Vulnerability (Linux) (OID:1.3.6.1.4.1.25623.1.0.813377)
Version used: 2021-06-30T02:00:35Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'vim' package(s) announced via the USN-4582-1 advisory.
Vulnerable package: vim Installed version: 8.0.1453-1ubuntu1 Fixed version: 2:8.0.1453-1ubuntu1.4 Vulnerable package: vim-common Installed version: 8.0.1453-1ubuntu1 Fixed version: 2:8.0.1453-1ubuntu1.4 Vulnerable package: vim-runtime Installed version: 8.0.1453-1ubuntu1 Fixed version: 2:8.0.1453-1ubuntu1.4
Solution type:VendorFix
Please install the updated package(s).
'vim' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that Vim incorrectly handled permissions on the .swp file. A local attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-17087)
It was discovered that Vim incorrectly handled restricted mode. A local attacker could possibly use this issue to bypass restricted mode and execute arbitrary commands. Note: This update only makes executing shell commands more difficult. Restricted mode should not be considered a complete security measure. (CVE-2019-20807)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for vim (USN-4582-1) (OID:1.3.6.1.4.1.25623.1.0.844653)
Version used: 2021-07-12T02:00:56Z
The host is installed with Oracle Java SE and is prone to denial of service vulnerability.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow attackers to cause partial denial of service conditions.
Solution type:VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.
Oracle Java SE version 1.6.0 to 1.6.0.201, 1.7.0 to 1.7.0.191, 1.8.0 to 1.8.0.182 on Linux.
The flaw is due to error in 'Sound' component.
Check if a vulnerable version is present on the target host.
Details: Oracle Java SE Denial of Service Vulnerability(oct2018-4428296)-Linux (OID:1.3.6.1.4.1.25623.1.0.814408)
Version used: 2021-06-30T02:00:35Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'openssl1.0' package(s) announced via the USN-4504-1 advisory.
Vulnerable package: libssl1.0.0 Installed version: 1.0.2n-1ubuntu5.1 Fixed version: 1.0.2n-1ubuntu5.4
Solution type:VendorFix
Please install the updated package(s).
'openssl1.0' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
certain Diffie-Hellman ciphersuites in the TLS specification and implemented by OpenSSL contained a flaw. A remote attacker could possibly use this issue to eavesdrop on encrypted communications. This was fixed in this update by removing the insecure ciphersuites from OpenSSL. (CVE-2020-1968)
Cesar Pereida García, Sohaib ul Hassan, Nicola Tuveri, Iaroslav Gridin, Alejandro Cabrera Aldaya, and Billy Brumley discovered that OpenSSL incorrectly handled ECDSA signatures. An attacker could possibly use this issue to perform a timing side-channel attack and recover private ECDSA keys. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-1547)
Guido Vranken discovered that OpenSSL incorrectly performed the x86_64 Montgomery squaring procedure. While unlikely, a remote attacker could possibly use this issue to recover private keys. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-1551)
Bernd Edlinger discovered that OpenSSL incorrectly handled certain decryption functions. In certain scenarios, a remote attacker could possibly use this issue to perform a padding oracle attack and decrypt traffic. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-1563)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for openssl1.0 (USN-4504-1) (OID:1.3.6.1.4.1.25623.1.0.844582)
Version used: 2021-07-12T11:00:45Z
The host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow attackers to cause some unspecified impacts.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE version 1.7.0.131 and earlier, 1.8.0.121 and earlier on Linux
Multiple flaws exist due to multiple unspecified errors in 'AWT', and 'JCE' sub-components.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (cpuapr2017-3236618) 02 - Linux (OID:1.3.6.1.4.1.25623.1.0.108383)
Version used: 2020-10-29T15:35:19Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'libxslt' package(s) announced via the USN-4164-1 advisory.
Vulnerable package: libxslt1.1 Installed version: 1.1.29-5 Fixed version: 1.1.29-5ubuntu0.2
Solution type:VendorFix
Please install the updated package(s).
'libxslt' package(s) on Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to access sensitive information. This issue not affected Ubuntu 19.10. (CVE-2019-13117, CVE-2019-13118)
It was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-18197)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for libxslt USN-4164-1 (OID:1.3.6.1.4.1.25623.1.0.844207)
Version used: 2019-12-30T15:50:06Z
The remote host is missing an update for the 'tar' package(s) announced via the USN-4692-1 advisory.
Vulnerable package: tar Installed version: 1.29b-2 Fixed version: 1.29b-2ubuntu0.2
Solution type:VendorFix
Please install the updated package(s).
'tar' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Chris Siebenmann discovered that tar incorrectly handled extracting files resized during extraction when invoked with the --sparse flag. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-20482)
Daniel Axtens discovered that tar incorrectly handled certain malformed tar files. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to cause tar to crash, resulting in a denial of service. (CVE-2019-9923)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for tar (USN-4692-1) (OID:1.3.6.1.4.1.25623.1.0.844785)
Version used: 2021-01-22T06:41:37Z
The remote host is missing an update for the 'file' package(s) announced via the USN-3911-2 advisory.
Vulnerable package: file Installed version: 5.32-2ubuntu0.1 Fixed version: 1:5.32-2ubuntu0.4 Vulnerable package: libmagic1 Installed version: 5.32-2ubuntu0.1 Fixed version: 1:5.32-2ubuntu0.4
Solution type:VendorFix
Please install the updated package(s).
'file' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN-3911-1 fixed vulnerabilities in file. One of the backported security fixes introduced a regression that caused the interpreter string to be truncated. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that file incorrectly handled certain malformed ELF files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for file (USN-3911-2) (OID:1.3.6.1.4.1.25623.1.0.844429)
Version used: 2020-05-15T04:25:55Z
The remote host is missing an update for the 'json-c' package(s) announced via the USN-4360-2 advisory.
Vulnerable package: libjson-c3 Installed version: 0.12.1-1.3 Fixed version: 0.12.1-1.3ubuntu0.2
Solution type:VendorFix
Please install the updated package(s).
'json-c' package(s) on Ubuntu 20.04 LTS, Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN-4360-1 fixed a vulnerability in json-c. The security fix introduced a memory leak in some scenarios. This update reverts the security fix pending further investigation.
We apologize for the inconvenience.
Original advisory details:
It was discovered that json-c incorrectly handled certain JSON files. An attacker could possibly use this issue to execute arbitrary code.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for json-c (USN-4360-2) (OID:1.3.6.1.4.1.25623.1.0.844432)
Version used: 2020-05-20T02:28:18Z
The remote host is missing an update for the 'ca-certificates' package(s) announced via the USN-4377-1 advisory.
Vulnerable package: ca-certificates Installed version: 20180409 Fixed version: 20190110~18.04.1
Solution type:VendorFix
Please install the updated package(s).
'ca-certificates' package(s) on Ubuntu 20.04 LTS, Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
The ca-certificates package contained an expired CA certificate that caused connectivity issues. This update removes the 'AddTrust External Root' CA.
In addition, on Ubuntu 16.04 LTS and Ubuntu 18.04 LTS, this update refreshes the included certificates to those contained in the 20190110 package.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for ca-certificates (USN-4377-1) (OID:1.3.6.1.4.1.25623.1.0.844452)
Version used: 2020-06-03T10:55:59Z
The host is installed with Oracle Java SE and is prone to multiple unspecified vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow remote user to access and modify data on the target system, can cause denial of service conditions on the target system, a remote or local user can obtain elevated privileges on the target system, also a local user can modify data on the target system.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 6 update 115 and prior, 7 update 101 and prior, and 8 update 92 and prior on Linux.
Multiple flaws are due to:
- A flaw in the Hotspot component.
- A flaw in the Install component.
- A flaw in the JAXP component.
- A flaw in the CORBA component.
- A flaw in the Networking component.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Multiple Unspecified Vulnerabilities-01 July 2016 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108384)
Version used: 2020-05-12T13:57:17Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The host is installed with Oracle Java SE JRE and is prone to unspecified vulnerability.
The target host was found to be vulnerable
Successful exploitation will allow attackers to disclose sensitive information.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 5.0u71 and prior, 6u81 and prior, and 7u67 and prior on Linux.
The flaw exists due to an error related to C2 optimizations and range checks in the Hotspot subcomponent.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Unspecified Vulnerability-05 Oct 2014 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108426)
Version used: 2020-05-12T13:57:17Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'gnutls28' package(s) announced via the USN-4233-2 advisory.
Vulnerable package: libgnutls30 Installed version: 3.5.18-1ubuntu1 Fixed version: 3.5.18-1ubuntu1.3
Solution type:VendorFix
Please install the updated package(s).
'gnutls28' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN-4233-1 disabled SHA1 being used for digital signature operations in GnuTLS. In certain network environments, certificates using SHA1 may still be in use. This update adds the %VERIFY_ALLOW_BROKEN and %VERIFY_ALLOW_SIGN_WITH_SHA1 priority strings that can be used to temporarily re-enable SHA1 until certificates can be replaced with a stronger algorithm.
Original advisory details:
As a security improvement, this update marks SHA1 as being untrusted for digital signature operations.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for gnutls28 USN-4233-2 (OID:1.3.6.1.4.1.25623.1.0.844308)
Version used: 2020-01-28T10:45:23Z
The remote host is missing an update for the 'gnutls28' package(s) announced via the USN-4233-1 advisory.
Vulnerable package: libgnutls30 Installed version: 3.5.18-1ubuntu1 Fixed version: 3.5.18-1ubuntu1.2
Solution type:VendorFix
Please install the updated package(s).
'gnutls28' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
As a security improvement, this update marks SHA1 as being untrusted for digital signature operations.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for gnutls28 USN-4233-1 (OID:1.3.6.1.4.1.25623.1.0.844288)
Version used: 2020-01-13T11:49:13Z
The remote host is missing an update for the 'libpcap' package(s) announced via the USN-4221-1 advisory.
Vulnerable package: libpcap0.8 Installed version: 1.8.1-6ubuntu1 Fixed version: 1.8.1-6ubuntu1.18.04.1
Solution type:VendorFix
Please install the updated package(s).
'libpcap' package(s) on Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that libpcap did not properly validate PHB headers in some situations. An attacker could use this to cause a denial of service (memory exhaustion).
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for libpcap USN-4221-1 (OID:1.3.6.1.4.1.25623.1.0.844271)
Version used: 2019-12-11T13:17:29Z
The remote host is missing an update for the 'python-psutil' package(s) announced via the USN-4204-1 advisory.
Vulnerable package: python3-psutil Installed version: 5.4.2-1 Fixed version: 5.4.2-1ubuntu0.1
Solution type:VendorFix
Please install the updated package(s).
'python-psutil' package(s) on Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Riccardo Schirone discovered that psutil incorrectly handled certain reference counting operations. An attacker could use this issue to cause psutil to crash, resulting in a denial of service, or possibly execute arbitrary code.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for python-psutil USN-4204-1 (OID:1.3.6.1.4.1.25623.1.0.844253)
Version used: 2019-12-12T11:35:23Z
The host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation of this vulnerability will allow remote attacker to have an impact on integrity and availability
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
Oracle Java SE version 7u211(1.7.0.211) and earlier, 8u202(1.8.0.202) and earlier, 11.0.2 and earlier and 12 on Linux.
Multiple flaws exist due to:
- An error in 'Libraries' component of Java SE.
- An error in 'RMI' component of Java SE.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (apr2019-5072813) 03 - Linux (OID:1.3.6.1.4.1.25623.1.0.815106)
Version used: 2020-10-29T15:35:19Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'python2.7' package(s) announced via the USN-4151-1 advisory.
Vulnerable package: python3.6 Installed version: 3.6.5-3 Fixed version: 3.6.8-1~18.04.3 Vulnerable package: python3.6-minimal Installed version: 3.6.5-3 Fixed version: 3.6.8-1~18.04.3
Solution type:VendorFix
Please install the updated package(s).
'python2.7' package(s) on Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that Python incorrectly parsed certain email addresses. A remote attacker could possibly use this issue to trick Python applications into accepting email addresses that should be denied. (CVE-2019-16056)
It was discovered that the Python documentation XML-RPC server incorrectly handled certain fields. A remote attacker could use this issue to execute a cross-site scripting (XSS) attack. (CVE-2019-16935)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for python2.7 USN-4151-1 (OID:1.3.6.1.4.1.25623.1.0.844197)
Version used: 2019-10-11T07:39:42Z
The remote host is missing an update for the 'expat' package(s) announced via the USN-4132-1 advisory.
Vulnerable package: libexpat1 Installed version: 2.2.5-3 Fixed version: 2.2.5-3ubuntu0.2
Solution type:VendorFix
Please install the updated package(s).
'expat' package(s) on Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for expat USN-4132-1 (OID:1.3.6.1.4.1.25623.1.0.844176)
Version used: 2019-09-16T07:48:47Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4041-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.54.56
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN-4017-1 fixed vulnerabilities in the Linux kernel for Ubuntu. Unfortunately, the update introduced a regression that interfered with networking applications that setup very low SO_SNDBUF values. This update fixes the problem.
We apologize for the inconvenience.
Jonathan Looney discovered that the Linux kernel could be coerced into segmenting responses into multiple TCP segments. A remote attacker could construct an ongoing sequence of requests to cause a denial of service.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-4041-1 (OID:1.3.6.1.4.1.25623.1.0.844075)
Version used: 2019-07-04T09:58:18Z
The remote host is missing an update for the 'ca-certificates' package(s) announced via the USN-4608-1 advisory.
Vulnerable package: ca-certificates Installed version: 20180409 Fixed version: 20201027ubuntu0.18.04.1
Solution type:VendorFix
Please install the updated package(s).
'ca-certificates' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.44 version of the Mozilla certificate authority bundle.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for ca-certificates (USN-4608-1) (OID:1.3.6.1.4.1.25623.1.0.844688)
Version used: 2020-10-29T06:27:27Z
The remote host is missing an update for the 'glib2.0' package(s) announced via the USN-4049-1 advisory.
Vulnerable package: libglib2.0-0 Installed version: 2.56.2-0ubuntu0.18.04.1 Fixed version: 2.56.4-0ubuntu0.18.04.4
Solution type:VendorFix
Please install the updated package(s).
'glib2.0' package(s) on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that GLib created directories and files without properly restricting permissions. An attacker could possibly use this issue to access sensitive information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for glib2.0 USN-4049-1 (OID:1.3.6.1.4.1.25623.1.0.844081)
Version used: 2019-07-11T11:32:19Z
The remote host is missing an update for the 'bzip2' package(s) announced via the USN-4038-3 advisory.
Vulnerable package: bzip2 Installed version: 1.0.6-8.1 Fixed version: 1.0.6-8.1ubuntu0.2 Vulnerable package: libbz2-1.0 Installed version: 1.0.6-8.1 Fixed version: 1.0.6-8.1ubuntu0.2
Solution type:VendorFix
Please install the updated package(s).
'bzip2' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN-4038-1 fixed a vulnerability in bzip2. The update introduced a regression causing bzip2 to incorrect raises CRC errors for some files.
We apologize for the inconvenience.
Original advisory details:
It was discovered that bzip2 incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for bzip2 USN-4038-3 (OID:1.3.6.1.4.1.25623.1.0.844080)
Version used: 2019-07-11T11:32:19Z
The application is missing the 'httpOnly' cookie attribute
The cookies: Set-Cookie: atlassian.xsrf.token=B4VD-ENRX-7911-XFC7|0dd0e261674fb447ca8cd1ffe0bf86eb9d1e30a3|lout; Path=/ are missing the "httpOnly" attribute.
Solution type:Mitigation
Set the 'httpOnly' attribute for any session cookie.
Application with session handling in cookies.
The flaw is due to a cookie is not using the 'httpOnly' attribute. This allows a cookie to be accessed by JavaScript which could lead to session hijacking attacks.
Check all cookies sent by the application for a missing 'httpOnly' attribute
Details: Missing `httpOnly` Cookie Attribute (OID:1.3.6.1.4.1.25623.1.0.105925)
Version used: 2020-08-24T15:18:35Z
The remote host is missing an update for the 'apparmor' package(s) announced via the referenced advisory.
Vulnerable package: apparmor Installed version: 2.12-4ubuntu5 Fixed version: 2.12-4ubuntu5.1
Solution type:VendorFix
Please install the updated packages.
apparmor on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS
As a security improvement, this update adjusts the private-files abstraction to disallow writing to thumbnailer configuration files. Additionally adjust the private-files, private-files-strict and user-files abstractions to disallow writes on parent directories of sensitive files.
Checks if a vulnerable version is present on the target host.
Details: Ubuntu Update for apparmor USN-3784-1 (OID:1.3.6.1.4.1.25623.1.0.843654)
Version used: 2019-03-18T16:34:17Z
The remote host is missing an update for the 'jinja2' package(s) announced via the USN-4011-1 advisory.
Vulnerable package: python3-jinja2 Installed version: 2.10-1 Fixed version: 2.10-1ubuntu0.18.04.1
Solution type:VendorFix
Please install the updated package(s).
'jinja2' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Olivier Dony discovered that Jinja incorrectly handled str.format. An attacker could possibly use this issue to escape the sandbox. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-10745)
Brian Welch discovered that Jinja incorrectly handled str.format_map. An attacker could possibly use this issue to escape the sandbox. (CVE-2019-10906)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for jinja2 USN-4011-1 (OID:1.3.6.1.4.1.25623.1.0.844044)
Version used: 2019-06-11T06:16:55Z
The remote host is missing an update for the 'gnutls28' package(s) announced via the USN-3999-1 advisory.
Vulnerable package: libgnutls30 Installed version: 3.5.18-1ubuntu1 Fixed version: 3.5.18-1ubuntu1.1
Solution type:VendorFix
Please install the updated package(s).
'gnutls28' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Eyal Ronen, Kenneth G. Paterson, and Adi Shamir discovered that GnuTLS was vulnerable to a timing side-channel attack known as the 'Lucky Thirteen' issue. A remote attacker could possibly use this issue to perform plaintext-recovery attacks via analysis of timing data. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-10844, CVE-2018-10845, CVE-2018-10846)
Tavis Ormandy discovered that GnuTLS incorrectly handled memory when verifying certain X.509 certificates. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04. (CVE-2019-3829)
It was discovered that GnuTLS incorrectly handled certain post-handshake messages. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.10 and Ubuntu 19.04. (CVE-2019-3836)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for gnutls28 USN-3999-1 (OID:1.3.6.1.4.1.25623.1.0.844030)
Version used: 2019-06-04T07:02:10Z
The remote host is missing an update for the 'python-urllib3' package(s) announced via the USN-3990-1 advisory.
Vulnerable package: python3-urllib3 Installed version: 1.22-1 Fixed version: 1.22-1ubuntu0.18.04.1
Solution type:VendorFix
Please install the updated package(s).
'python-urllib3' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that urllib3 incorrectly removed Authorization HTTP headers when handled cross-origin redirects. This could result in credentials being sent to unintended hosts. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-20060)
It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. (CVE-2019-11236)
It was discovered that urllib3 incorrectly handled situations where a desired set of CA certificates were specified. This could result in certificates being accepted by the default CA certificates contrary to expectations. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04. (CVE-2019-11324)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for python-urllib3 USN-3990-1 (OID:1.3.6.1.4.1.25623.1.0.844016)
Version used: 2019-05-31T13:18:49Z
The remote host is missing an update for the 'python-gnupg' package(s) announced via the USN-3964-1 advisory.
Vulnerable package: python3-gnupg Installed version: 0.4.1-1ubuntu1 Fixed version: 0.4.1-1ubuntu1.18.04.1
Solution type:VendorFix
Please install the updated package(s).
'python-gnupg' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS.
Marcus Brinkmann discovered that GnuPG before 2.2.8 improperly handled certain command line parameters. A remote attacker could use this to spoof the output of GnuPG and cause unsigned e-mail to appear signed. (CVE-2018-12020)
It was discovered that python-gnupg incorrectly handled the GPG passphrase. A remote attacker could send a specially crafted passphrase that would allow them to control the output of encryption and decryption operations. (CVE-2019-6690)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for python-gnupg USN-3964-1 (OID:1.3.6.1.4.1.25623.1.0.843992)
Version used: 2019-05-03T11:15:46Z
The remote host is missing an update for the 'p11-kit' package(s) announced via the USN-4677-1 advisory.
Vulnerable package: libp11-kit0 Installed version: 0.23.9-2 Fixed version: 0.23.9-2ubuntu0.1
Solution type:VendorFix
Please install the updated package(s).
'p11-kit' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
David Cook discovered that p11-kit incorrectly handled certain memory operations. An attacker could use this issue to cause p11-kit to crash, resulting in a denial of service, or possibly execute arbitrary code.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for p11-kit (USN-4677-1) (OID:1.3.6.1.4.1.25623.1.0.844769)
Version used: 2021-01-14T10:20:28Z
The remote host is missing an update for the 'ntfs-3g' package(s) announced via the USN-3914-2 advisory.
Vulnerable package: ntfs-3g Installed version: 2017.3.23-2 Fixed version: 1:2017.3.23-2ubuntu0.18.04.2
Solution type:VendorFix
Please install the updated package(s).
'ntfs-3g' package(s) on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN-3914-1 fixed vulnerabilities in NTFS-3G. As an additional hardening measure, this update removes the setuid bit from the ntfs-3g binary.
Original advisory details:
A heap buffer overflow was discovered in NTFS-3G when executing it with a relative mount point path that is too long. A local attacker could potentially exploit this to execute arbitrary code as the administrator.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for ntfs-3g USN-3914-2 (OID:1.3.6.1.4.1.25623.1.0.843980)
Version used: 2019-04-19T05:29:08Z
The remote host is missing an update for the 'python-apt' package(s) announced via the USN-4668-3 advisory.
Vulnerable package: python3-apt Installed version: 1.6.2 Fixed version: 1.6.5ubuntu0.5
Solution type:VendorFix
Please install the updated package(s).
'python-apt' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN-4668-1 fixed vulnerabilities in python-apt. The update caused a regression when using certain APIs with a file handle. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause python-apt to consume resources, leading to a denial of service.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for python-apt (USN-4668-3) (OID:1.3.6.1.4.1.25623.1.0.844773)
Version used: 2021-01-12T06:51:19Z
The remote host is missing an update for the 'ca-certificates' package(s) announced via the USN-4719-1 advisory.
Vulnerable package: ca-certificates Installed version: 20180409 Fixed version: 20210119~18.04.1
Solution type:VendorFix
Please install the updated package(s).
'ca-certificates' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.46 version of the Mozilla certificate authority bundle.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for ca-certificates (USN-4719-1) (OID:1.3.6.1.4.1.25623.1.0.844813)
Version used: 2021-02-05T06:37:30Z
The remote host is missing an update for the 'openssl' package(s) announced via the USN-4738-1 advisory.
Vulnerable package: libssl1.0.0 Installed version: 1.0.2n-1ubuntu5.1 Fixed version: 1.0.2n-1ubuntu5.6
Solution type:VendorFix
Please install the updated package(s).
'openssl' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Paul Kehrer discovered that OpenSSL incorrectly handled certain input lengths in EVP functions. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2021-23840)
Tavis Ormandy discovered that OpenSSL incorrectly handled parsing issuer fields. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2021-23841)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for openssl (USN-4738-1) (OID:1.3.6.1.4.1.25623.1.0.844837)
Version used: 2021-03-02T11:47:12Z
The remote host is missing an update for the 'curl' package(s) announced via the USN-4898-1 advisory.
Vulnerable package: curl Installed version: 7.58.0-2ubuntu3.2 Fixed version: 7.58.0-2ubuntu3.13 Vulnerable package: libcurl3-gnutls Installed version: 7.58.0-2ubuntu3.2 Fixed version: 7.58.0-2ubuntu3.13 Vulnerable package: libcurl4 Installed version: 7.58.0-2ubuntu3.2 Fixed version: 7.58.0-2ubuntu3.13
Solution type:VendorFix
Please install the updated package(s).
'curl' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Viktor Szakats discovered that curl did not strip off user credentials from referrer header fields. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2021-22876)
Mingtao Yang discovered that curl incorrectly handled session tickets when using an HTTPS proxy. A remote attacker in control of an HTTPS proxy could use this issue to bypass certificate checks and intercept communications. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2021-22890)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for curl (USN-4898-1) (OID:1.3.6.1.4.1.25623.1.0.844886)
Version used: 2021-04-10T06:53:36Z
The remote host is missing an update for the 'glib2.0' package(s) announced via the USN-4764-1 advisory.
Vulnerable package: libglib2.0-0 Installed version: 2.56.2-0ubuntu0.18.04.1 Fixed version: 2.56.4-0ubuntu0.18.04.8
Solution type:VendorFix
Please install the updated package(s).
'glib2.0' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that GLib incorrectly handled certain symlinks when replacing files. If a user or automated system were tricked into extracting a specially crafted file with File Roller, a remote attacker could possibly create files outside of the intended directory.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for glib2.0 (USN-4764-1) (OID:1.3.6.1.4.1.25623.1.0.844865)
Version used: 2021-03-30T06:46:39Z
The remote host is missing an update for the 'glib2.0' package(s) announced via the USN-4759-1 advisory.
Vulnerable package: libglib2.0-0 Installed version: 2.56.2-0ubuntu0.18.04.1 Fixed version: 2.56.4-0ubuntu0.18.04.7
Solution type:VendorFix
Please install the updated package(s).
'glib2.0' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Krzesimir Nowak discovered that GLib incorrectly handled certain large buffers. A remote attacker could use this issue to cause applications linked to GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-27218)
Kevin Backhouse discovered that GLib incorrectly handled certain memory allocations. A remote attacker could use this issue to cause applications linked to GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-27219)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for glib2.0 (USN-4759-1) (OID:1.3.6.1.4.1.25623.1.0.844860)
Version used: 2021-03-17T09:33:35Z
The remote host is missing one or more known mitigation(s) on Linux Kernel side for the referenced 'iTLB multihit' hardware vulnerabilities.
The Linux Kernel on the remote host is missing the mitigation for the "itlb_multihit" hardware vulnerabilities as reported by the sysfs interface: sysfs file checked | Kernel status (SSH response) ------------------------------------------------------------------------------------------------------------------------------------------------------------------ /sys/devices/system/cpu/vulnerabilities/itlb_multihit | sysfs file missing (cat: /sys/devices/system/cpu/vulnerabilities/itlb_multihit: No such file or directory) Notes on the "Kernel status / SSH response" column: - sysfs file missing: The sysfs interface is available but the sysfs file for this specific vulnerability is missing. This means the kernel doesn't know this vulnerability yet and is not providing any mitigation which means the target system is vulnerable. - Strings including "Mitigation:", "Not affected" or "Vulnerable" are reported directly by the Linux Kernel. - All other strings are responses to various SSH commands.
Solution type:VendorFix
Enable the mitigation(s) in the Linux Kernel or update to a more recent Linux Kernel.
Checks previous gathered information on the mitigation status reported by the Linux Kernel.
Details: Missing Linux Kernel mitigations for 'iTLB multihit' hardware vulnerabilities (OID:1.3.6.1.4.1.25623.1.0.108766)
Version used: 2020-08-25T06:01:08Z
| Product: | cpe:/a:linux:kernel |
| Method: | Detection of Linux Kernel mitigation status for hardware vulnerabilities (OID: 1.3.6.1.4.1.25623.1.0.108765 ) |
The remote host is missing an update for the 'linux' package(s) announced via the USN-4710-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.135.122
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS.
Kiyin () discovered that the perf subsystem in the Linux kernel did not properly deallocate memory in some situations. A privileged attacker could use this to cause a denial of service (kernel memory exhaustion).
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4710-1) (OID:1.3.6.1.4.1.25623.1.0.844803)
Version used: 2021-02-05T06:37:30Z
The host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation of this vulnerability will allow remote attackers to conduct a denial of service condition, access data, partially modify data and gain elevated privileges.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE version 1.6.0.171 and earlier, 1.7.0.161 and earlier, 1.8.0.152 and earlier, 9.0.1 and earlier on Linux.
Multiple flaws exist due to:
- Multiple errors in 'Libraries' sub-component.
- Multiple errors in 'JNDI' sub-component.
- An error in 'JMX' sub-component.
- Multiple errors in 'AWT' sub-component.
- An error in 'JCE' sub-component.
- An error in 'JGSS' sub-component.
- An error in 'I18n' sub-component.
- An error in 'LDAP' sub-component.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jan2018-3236628) 03 - Linux (OID:1.3.6.1.4.1.25623.1.0.108370)
Version used: 2021-06-30T02:00:35Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The host / application transmits sensitive information (username, passwords) in cleartext via HTTP.
The following input fields where identified (URL:input name): http://192.168.99.28:8080/login.jsp:os_password http://192.168.99.28:8080/secure/Signup!default.jspa:password
An attacker could use this situation to compromise or eavesdrop on the HTTP communication between the client and the server using a man-in-the-middle attack to get access to sensitive data like usernames or passwords.
Solution type:Workaround
Enforce the transmission of sensitive data via an encrypted SSL/TLS connection. Additionally make sure the host / application is redirecting all users to the secured SSL/TLS connection before allowing to input sensitive data into the mentioned functions.
Hosts / applications which doesn't enforce the transmission of sensitive data via an encrypted SSL/TLS connection.
Evaluate previous collected information and check if the host / application is not enforcing the transmission of sensitive data via an encrypted SSL/TLS connection.
The script is currently checking the following:
- HTTP Basic Authentication (Basic Auth)
- HTTP Forms (e.g. Login) with input field of type 'password'
Details: Cleartext Transmission of Sensitive Information via HTTP (OID:1.3.6.1.4.1.25623.1.0.108440)
Version used: 2020-08-24T15:18:35Z
The remote host is missing an update for the 'python-apt' package(s) announced via the USN-4247-1 advisory.
Vulnerable package: python3-apt Installed version: 1.6.2 Fixed version: 1.6.5ubuntu0.1
Solution type:VendorFix
Please install the updated package(s).
'python-apt' package(s) on Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. (CVE-2019-15795)
It was discovered that python-apt could install packages from untrusted repositories, contrary to expectations. (CVE-2019-15796)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for python-apt USN-4247-1 (OID:1.3.6.1.4.1.25623.1.0.844304)
Version used: 2021-07-13T02:01:14Z
The remote host is missing an update for the 'intel-microcode' package(s) announced via the USN-3977-3 advisory.
Vulnerable package: intel-microcode Installed version: 3.20180807a.0ubuntu0.18.04.1 Fixed version: 3.20190618.0ubuntu0.18.04.1
Solution type:VendorFix
Please install the updated package(s).
'intel-microcode' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN-3977-1 and USN-3977-2 provided mitigations for Microarchitectural Data Sampling (MDS) vulnerabilities in Intel Microcode for a large number of Intel processor families. This update provides the corresponding updated microcode mitigations for the Intel Sandy Bridge processor family
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2018-12130)
Brandon Falk, Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Stephan van Schaik, Alyssa Milburn, Sebastian sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida discovered that memory previously stored in microarchitectural load ports of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2018-12127)
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Marina Minkin, Daniel Moghimi, Moritz Lipp, Michael Schwarz, Jo Van Bulck, Daniel Genkin, Daniel Gruss, Berk Sunar, Frank Piessens, and Yuval Yarom discovered that memory previously stored in microarchitectural store buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2018-12126)
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Volodrmyr Pikhur, Moritz Lipp, Michael Schwarz, Daniel Gruss, Stephan van Schaik, Alyssa Milburn, Sebastian sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida discovered that uncacheable memory previously stored in microarchitectural buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11091)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for intel-microcode USN-3977-3 (OID:1.3.6.1.4.1.25623.1.0.844061)
Version used: 2019-06-27T06:30:18Z
The remote host is missing one or more known mitigation(s) on Linux Kernel side for the referenced 'MDS - Microarchitectural Data Sampling' hardware vulnerabilities.
The Linux Kernel on the remote host is missing the mitigation for the "mds" hardware vulnerabilities as reported by the sysfs interface: sysfs file checked | Kernel status (SSH response) ---------------------------------------------------------------------------------------------------------------------------------------------- /sys/devices/system/cpu/vulnerabilities/mds | sysfs file missing (cat: /sys/devices/system/cpu/vulnerabilities/mds: No such file or directory) Notes on the "Kernel status / SSH response" column: - sysfs file missing: The sysfs interface is available but the sysfs file for this specific vulnerability is missing. This means the kernel doesn't know this vulnerability yet and is not providing any mitigation which means the target system is vulnerable. - Strings including "Mitigation:", "Not affected" or "Vulnerable" are reported directly by the Linux Kernel. - All other strings are responses to various SSH commands.
Solution type:VendorFix
Enable the mitigation(s) in the Linux Kernel or update to a more recent Linux Kernel.
Checks previous gathered information on the mitigation status reported by the Linux Kernel.
Details: Missing Linux Kernel mitigations for 'MDS - Microarchitectural Data Sampling' h... (OID:1.3.6.1.4.1.25623.1.0.108840)
Version used: 2020-08-25T06:01:08Z
| Product: | cpe:/a:linux:kernel |
| Method: | Detection of Linux Kernel mitigation status for hardware vulnerabilities (OID: 1.3.6.1.4.1.25623.1.0.108765 ) |
The remote host is missing an update for the 'python-apt' package(s) announced via the USN-4247-2 advisory.
Vulnerable package: python3-apt Installed version: 1.6.2 Fixed version: 1.6.5ubuntu0.2
Solution type:VendorFix
Please install the updated package(s).
'python-apt' package(s) on Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN-4247-1 fixed vulnerabilities in python-apt. The updated packages caused a regression when attempting to upgrade to a new Ubuntu release. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. (CVE-2019-15795) It was discovered that python-apt could install packages from untrusted repositories, contrary to expectations. (CVE-2019-15796)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for python-apt USN-4247-2 (OID:1.3.6.1.4.1.25623.1.0.844306)
Version used: 2021-07-09T02:00:48Z
The remote host is missing an update for the 'intel-microcode' package(s) announced via the USN-3977-2 advisory.
Vulnerable package: intel-microcode Installed version: 3.20180807a.0ubuntu0.18.04.1 Fixed version: 3.20190514.0ubuntu0.18.04.3
Solution type:VendorFix
Please install the updated package(s).
'intel-microcode' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN-3977-1 provided mitigations for Microarchitectural Data Sampling (MDS) vulnerabilities in Intel Microcode for a large number of Intel processor families. This update provides the corresponding updated microcode mitigations for Intel Cherry Trail and Bay Trail processor families.
Original advisory details:
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2018-12130)
Brandon Falk, Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida discovered that memory previously stored in microarchitectural load ports of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2018-12127)
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Marina Minkin, Daniel Moghimi, Moritz Lipp, Michael Schwarz, Jo Van Bulck, Daniel Genkin, Daniel Gruss, Berk Sunar, Frank Piessens, and Yuval Yarom discovered that memory previously stored in microarchitectural store buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2018-12126)
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Volodrmyr Pikhur, Moritz Lipp, Michael Schwarz, Daniel Gruss, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida discovered that uncacheable memory previously stored in microarchitectural buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11091)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for intel-microcode USN-3977-2 (OID:1.3.6.1.4.1.25623.1.0.844021)
Version used: 2019-06-04T06:44:21Z
The remote host is missing an update for the 'intel-microcode' package(s) announced via the USN-3977-1 advisory.
Vulnerable package: intel-microcode Installed version: 3.20180807a.0ubuntu0.18.04.1 Fixed version: 3.20190514.0ubuntu0.18.04.2
Solution type:VendorFix
Please install the updated package(s).
'intel-microcode' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2018-12130)
Brandon Falk, Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Stephan van Schaik, Alyssa Milburn, Sebastian sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida discovered that memory previously stored in microarchitectural load ports of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2018-12127)
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Marina Minkin, Daniel Moghimi, Moritz Lipp, Michael Schwarz, Jo Van Bulck, Daniel Genkin, Daniel Gruss, Berk Sunar, Frank Piessens, and Yuval Yarom discovered that memory previously stored in microarchitectural store buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2018-12126)
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Volodrmyr Pikhur, Moritz Lipp, Michael Schwarz, Daniel Gruss, Stephan van Schaik, Alyssa Milburn, Sebastian sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida discovered that uncacheable memory previously stored in microarchitectural buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11091)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for intel-microcode USN-3977-1 (OID:1.3.6.1.4.1.25623.1.0.844011)
Version used: 2019-06-04T06:44:21Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4883-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.139.126
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Adam Nichols discovered that heap overflows existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-27365)
Adam Nichols discovered that the iSCSI subsystem in the Linux kernel did not properly restrict access to iSCSI transport handles. A local attacker could use this to cause a denial of service or expose sensitive information (kernel pointer addresses). (CVE-2021-27363)
Adam Nichols discovered that an out-of-bounds read existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2021-27364)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4883-1) (OID:1.3.6.1.4.1.25623.1.0.844873)
Version used: 2021-03-30T03:28:48Z
The remote host is missing an update for the 'e2fsprogs' package(s) announced via the USN-4142-1 advisory.
Vulnerable package: e2fsprogs Installed version: 1.44.1-1 Fixed version: 1.44.1-1ubuntu1.2
Solution type:VendorFix
Please install the updated package(s).
'e2fsprogs' package(s) on Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. An attacker could possibly use this issue to execute arbitrary code.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for e2fsprogs USN-4142-1 (OID:1.3.6.1.4.1.25623.1.0.844190)
Version used: 2019-10-01T10:38:58Z
The remote host is missing an update for the 'curl' package(s) announced via the USN-3993-1 advisory.
Vulnerable package: curl Installed version: 7.58.0-2ubuntu3.2 Fixed version: 7.58.0-2ubuntu3.7 Vulnerable package: libcurl3-gnutls Installed version: 7.58.0-2ubuntu3.2 Fixed version: 7.58.0-2ubuntu3.7 Vulnerable package: libcurl4 Installed version: 7.58.0-2ubuntu3.2 Fixed version: 7.58.0-2ubuntu3.7
Solution type:VendorFix
Please install the updated package(s).
'curl' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Wenchao Li discovered that curl incorrectly handled memory in the curl_url_set() function. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.04. (CVE-2019-5435)
It was discovered that curl incorrectly handled memory when receiving data from a TFTP server. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-5436)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for curl USN-3993-1 (OID:1.3.6.1.4.1.25623.1.0.844019)
Version used: 2019-06-03T07:01:53Z
This host is installed with Oracle Java SE and is prone to privilege escalation vulnerability.
Installed version: 1.7.0update_25 Fixed version: 8 update 5 or 7 update 55 Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow a local attacker to use a symlink attack against the '/tmp/unpack.log' file to overwrite arbitrary files.
Solution type:VendorFix
Upgrade to version 8 update 5 or 7 update 55, or later.
Oracle Java SE 7 update 51 and prior on Linux
The flaw is due to some error in the 'unpacker::redirect_stdio' function within 'unpack.cpp'.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Privilege Escalation Vulnerability Feb 2014 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108424)
Version used: 2018-11-15T08:13:22Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'linux' package(s) announced via the USN-3901-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.46.48
Solution type:VendorFix
Please install the updated package(s).
linux on Ubuntu 18.04 LTS.
Jann Horn discovered that the userfaultd implementation in the Linux kernel did not properly restrict access to certain ioctls. A local attacker could use this possibly to modify files. (CVE-2018-18397)
It was discovered that the crypto subsystem of the Linux kernel leaked uninitialized memory to user space in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2018-19854)
Jann Horn discovered a race condition in the fork() system call in the Linux kernel. A local attacker could use this to gain access to services that cache authorizations. (CVE-2019-6133)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-3901-1 (OID:1.3.6.1.4.1.25623.1.0.843923)
Version used: 2019-03-18T16:34:17Z
The remote host is missing an update for the 'policykit-1' package(s) announced via the USN-3934-1 advisory.
Vulnerable package: libpolkit-backend-1-0 Installed version: 0.105-20ubuntu0.18.04.1 Fixed version: 0.105-20ubuntu0.18.04.5 Vulnerable package: policykit-1 Installed version: 0.105-20ubuntu0.18.04.1 Fixed version: 0.105-20ubuntu0.18.04.5
Solution type:VendorFix
Please install the updated package(s).
'policykit-1' package(s) on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS.
It was discovered that PolicyKit incorrectly relied on the fork() system call in the Linux kernel being atomic. A local attacker could possibly use this issue to gain access to services that have cached authorizations.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for policykit-1 USN-3934-1 (OID:1.3.6.1.4.1.25623.1.0.843964)
Version used: 2019-04-26T08:24:31Z
The remote host is missing an update for the 'iproute2' package(s) announced via the USN-4357-1 advisory.
Vulnerable package: iproute2 Installed version: 4.15.0-2ubuntu1 Fixed version: 4.15.0-2ubuntu1.1
Solution type:VendorFix
Please install the updated package(s).
'iproute2' package(s) on Ubuntu 18.04 LTS.
It was discovered that IPRoute incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for iproute2 (USN-4357-1) (OID:1.3.6.1.4.1.25623.1.0.844427)
Version used: 2021-07-13T02:01:14Z
The remote host is missing an update for the 'ntfs-3g' package(s) announced via the USN-3914-1 advisory.
Vulnerable package: ntfs-3g Installed version: 2017.3.23-2 Fixed version: 1:2017.3.23-2ubuntu0.18.04.1
Solution type:VendorFix
Please install the updated package(s).
'ntfs-3g' package(s) on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
A heap buffer overflow was discovered in NTFS-3G when executing it with a relative mount point path that is too long. A local attacker could potentially exploit this to execute arbitrary code as the administrator.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for ntfs-3g USN-3914-1 (OID:1.3.6.1.4.1.25623.1.0.843941)
Version used: 2019-06-11T06:56:59Z
The remote host is missing an update for the 'apport' package(s) announced via the USN-4051-1 advisory.
Vulnerable package: python3-apport Installed version: 2.20.9-0ubuntu7.3 Fixed version: 2.20.9-0ubuntu7.7
Solution type:VendorFix
Please install the updated package(s).
'apport' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Kevin Backhouse discovered a race-condition when reading the user's local Apport configuration. This could be used by a local attacker to cause Apport to include arbitrary files in a resulting crash report.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for apport USN-4051-1 (OID:1.3.6.1.4.1.25623.1.0.844085)
Version used: 2019-09-09T06:54:37Z
The host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation of this vulnerability will allow remote attacker to have an impact on confidentiality, integrity and availability.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
Oracle Java SE version 7u231(1.7.0.231) and earlier, 8u221(1.8.0.221) and earlier, 11.0.4 and earlier, 13 on Linux.
Multiple flaws exist due to errors in 'Kerberos', 'Networking', 'Libraries', 'Javadoc', '2D', 'Concurrency', 'JAXP', 'Security' and 'Serialization' components.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (oct2019-5072832) 01 - Linux (OID:1.3.6.1.4.1.25623.1.0.815640)
Version used: 2020-10-29T15:35:19Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
This host is installed with Oracle Java SE and is prone to multiple security vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow remote attacker to have an impact on integrity.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
Oracle Java SE version 7u291 (1.7.0.291) and earlier, 8u281 (1.8.0.281) and earlier, 11.0.10 and earlier, 16 on Linux.
Multiple flaws are due to multiple errors in 'Libraries' component.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Update (apr2021) - Linux (OID:1.3.6.1.4.1.25623.1.0.818129)
Version used: 2021-05-26T07:20:58Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The host is installed with Oracle Java SE and is prone to security vulnerability.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow remote attacker to have an impact on availability.
Solution type:VendorFix
The vendor has released updates. Please see the references for more information.
Oracle Java SE version 7u241 (1.7.0.241) and earlier, 8u231 (1.8.0.231) and earlier on Linux.
The flaw is due to error in component Networking.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates(jan2020) 04 - Linux (OID:1.3.6.1.4.1.25623.1.0.816606)
Version used: 2020-05-12T13:57:17Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
Atlassian JIRA is prone to a cross-site scripting vulnerability.
Installed version: 6.3 Fixed version: 7.2.2
An attacker may inject arbitrary web script or HTML code.
Solution type:VendorFix
Upgrade to 7.2.2.
Versions prior to 7.2.2.
A cross-site scripting vulnerability in includes/decorators/global-translations.jsp allows remote attackers to inject arbitrary web script or HTML via the HTTP Host header.
Checks if a vulnerable version is present on the target host.
Details: Atlassian JIRA < 7.2.2 XSS Vulnerabilityy (OID:1.3.6.1.4.1.25623.1.0.108074)
Version used: 2018-10-26T06:33:36Z
The host is installed with Oracle Java SE JRE and is prone to unspecified vulnerability.
Installed version: 1.7.0update_25 Fixed version: Apply the patch from the referenced advisory.
Successful exploitation will allow attackers to have an impact on integrity.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 7 update 80 on Linux.
The flaw is due to unspecified flaws related to unspecified vectors.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Unspecified Vulnerability-03 July 2015 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108406)
Version used: 2018-10-12T11:22:41Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'openssl1.0' package(s) announced via the USN-3899-1 advisory.
Vulnerable package: libssl1.0.0 Installed version: 1.0.2n-1ubuntu5.1 Fixed version: 1.0.2n-1ubuntu5.3
Solution type:VendorFix
Please install the updated package(s).
openssl1.0 on Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Juraj Somorovsky, Robert Merget, and Nimrod Aviram discovered that certain applications incorrectly used OpenSSL and could be exposed to a padding oracle attack. A remote attacker could possibly use this issue to decrypt data.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for openssl1.0 USN-3899-1 (OID:1.3.6.1.4.1.25623.1.0.843920)
Version used: 2019-03-18T16:34:17Z
The remote host is missing an update for the 'libmspack' package(s) announced via the USN-4066-1 advisory.
Vulnerable package: libmspack0 Installed version: 0.6-3ubuntu0.1 Fixed version: 0.6-3ubuntu0.3
Solution type:VendorFix
Please install the updated package(s).
'libmspack' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
It was discovered that libmspack incorrectly handled certain CHM files. A remote attacker could possibly use this issue to access sensitive information.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for libmspack USN-4066-1 (OID:1.3.6.1.4.1.25623.1.0.844100)
Version used: 2019-08-02T07:02:11Z
The host is installed with Oracle Java SE and is prone to multiple vulnerabilities.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow attackes to partially cause denial of service and access data.
Solution type:VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.
Oracle Java SE version 1.7.0 to 1.7.0.201, 1.8.0 to 1.8.0.192 and 11.0.1 on Linux.
Multiple flaws exist due to errors in 'ImageIO', 'Networking' and 'Libraries' components.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Multiple Vulnerabilities(Jan2019-5072801)-Linux (OID:1.3.6.1.4.1.25623.1.0.814914)
Version used: 2020-05-12T13:57:17Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'dnsmasq' package(s) announced via the USN-4976-1 advisory.
Vulnerable package: dnsmasq-base Installed version: 2.79-1 Fixed version: 2.79-1ubuntu0.4
Solution type:VendorFix
Please install the updated package(s).
'dnsmasq' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS.
Petr Mensik discovered that Dnsmasq incorrectly randomized source ports in certain configurations. A remote attacker could possibly use this issue to facilitate DNS cache poisoning attacks.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for dnsmasq (USN-4976-1) (OID:1.3.6.1.4.1.25623.1.0.844963)
Version used: 2021-06-04T12:02:46Z
The host is installed with Oracle Java SE and is prone to an unspecified vulnerability.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow remote attackers to affect confidentiality and integrity via unknown vectors.
Solution type:VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.
Oracle Java SE version 1.8.0.162 and earlier, 1.7.0.171 and earlier, 1.6.0.181 and earlier on Linux.
The flaw is due to an unspecified error in 'RMI' component of Java SE.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (apr2018-3678067) 06 - Linux (OID:1.3.6.1.4.1.25623.1.0.813312)
Version used: 2021-06-30T02:00:35Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'dbus' package(s) announced via the USN-4015-1 advisory.
Vulnerable package: dbus Installed version: 1.12.2-1ubuntu1 Fixed version: 1.12.2-1ubuntu1.1 Vulnerable package: libdbus-1-3 Installed version: 1.12.2-1ubuntu1 Fixed version: 1.12.2-1ubuntu1.1
Solution type:VendorFix
Please install the updated package(s).
'dbus' package(s) on Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Joe Vennix discovered that DBus incorrectly handled DBUS_COOKIE_SHA1 authentication. A local attacker could possibly use this issue to bypass authentication and connect to DBus servers with elevated privileges.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for dbus USN-4015-1 (OID:1.3.6.1.4.1.25623.1.0.844049)
Version used: 2019-06-17T06:50:08Z
The remote host is missing an update for the 'apport' package(s) announced via the USN-4965-1 advisory.
Vulnerable package: apport Installed version: 2.20.9-0ubuntu7.3 Fixed version: 2.20.9-0ubuntu7.24 Vulnerable package: python3-apport Installed version: 2.20.9-0ubuntu7.3 Fixed version: 2.20.9-0ubuntu7.24
Solution type:VendorFix
Please install the updated package(s).
'apport' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS.
Maik Münch discovered that Apport incorrectly handled certain information gathering operations. A local attacker could use these issues to read and write arbitrary files as an administrator, and possibly escalate privileges.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for apport (USN-4965-1) (OID:1.3.6.1.4.1.25623.1.0.844952)
Version used: 2021-06-28T07:09:08Z
The remote host is missing an update for the 'linux' package(s) announced via the USN-4890-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.140.127
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly compute a speculative execution limit on pointer arithmetic in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-27171)
Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly apply speculative execution limits on some pointer types. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-27170)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for linux (USN-4890-1) (OID:1.3.6.1.4.1.25623.1.0.844879)
Version used: 2021-04-09T07:03:34Z
The remote host is missing an update for the 'nettle' package(s) announced via the USN-4990-1 advisory.
Vulnerable package: libnettle6 Installed version: 3.4-1 Fixed version: 3.4.1-0ubuntu0.18.04.1
Solution type:VendorFix
Please install the updated package(s).
'nettle' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS.
It was discovered that Nettle incorrectly handled RSA decryption. A remote attacker could possibly use this issue to cause Nettle to crash, resulting in a denial of service. (CVE-2021-3580)
It was discovered that Nettle incorrectly handled certain padding oracles. A remote attacker could possibly use this issue to perform a variant of the Bleichenbacher attack. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-16869)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for nettle (USN-4990-1) (OID:1.3.6.1.4.1.25623.1.0.844979)
Version used: 2021-07-07T14:24:04Z
The remote host is missing an update for the 'isc-dhcp' package(s) announced via the USN-4969-1 advisory.
Vulnerable package: isc-dhcp-client Installed version: 4.3.5-3ubuntu7 Fixed version: 4.3.5-3ubuntu7.3
Solution type:VendorFix
Please install the updated package(s).
'isc-dhcp' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS.
Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly handled lease file parsing. A remote attacker could possibly use this issue to cause DHCP to crash, resulting in a denial of service.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for isc-dhcp (USN-4969-1) (OID:1.3.6.1.4.1.25623.1.0.844956)
Version used: 2021-06-14T07:12:08Z
The remote host is missing an update for the 'python-apt' package(s) announced via the USN-4668-1 advisory.
Vulnerable package: python3-apt Installed version: 1.6.2 Fixed version: 1.6.5ubuntu0.4
Solution type:VendorFix
Please install the updated package(s).
'python-apt' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause python-apt to consume resources, leading to a denial of service.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for python-apt (USN-4668-1) (OID:1.3.6.1.4.1.25623.1.0.844754)
Version used: 2021-07-09T02:00:48Z
The remote host is missing an update for the 'libpng1.6' package(s) announced via the USN-3962-1 advisory.
Vulnerable package: libpng16-16 Installed version: 1.6.34-1ubuntu0.18.04.1 Fixed version: 1.6.34-1ubuntu0.18.04.2
Solution type:VendorFix
Please install the updated package(s).
'libpng1.6' package(s) on Ubuntu 18.10, Ubuntu 18.04 LTS.
It was discovered that libpng incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially crafted PNG file, a remote attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possibly execute arbitrary code.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for libpng1.6 USN-3962-1 (OID:1.3.6.1.4.1.25623.1.0.843990)
Version used: 2019-05-03T11:15:46Z
The remote host implements TCP timestamps and therefore allows to compute the uptime.
It was detected that the host implements RFC1323/RFC7323. The following timestamps were retrieved with a delay of 1 seconds in-between: Packet 1: 1893851580 Packet 2: 1893852721
A side effect of this feature is that the uptime of the remote host can sometimes be computed.
Solution type:Mitigation
To disable TCP timestamps on linux add the line 'net.ipv4.tcp_timestamps = 0' to /etc/sysctl.conf. Execute 'sysctl -p' to apply the settings at runtime.
To disable TCP timestamps on Windows execute 'netsh int tcp set global timestamps=disabled'
Starting with Windows Server 2008 and Vista, the timestamp can not be completely disabled.
The default behavior of the TCP/IP stack on this Systems is to not use the Timestamp options when initiating TCP connections, but use them if the TCP peer that is initiating communication includes them in their synchronize (SYN) segment.
See the references for more information.
TCP implementations that implement RFC1323/RFC7323.
The remote host implements TCP timestamps, as defined by RFC1323/RFC7323.
Special IP packets are forged and sent with a little delay in between to the target IP. The responses are searched for a timestamps. If found, the timestamps are reported.
Details: TCP timestamps (OID:1.3.6.1.4.1.25623.1.0.80091)
Version used: 2020-08-24T08:40:10Z
The remote host is missing an update for the 'intel-microcode' package(s) announced via the USN-4182-1 advisory.
Vulnerable package: intel-microcode Installed version: 3.20180807a.0ubuntu0.18.04.1 Fixed version: 3.20191112-0ubuntu0.18.04.2
Solution type:VendorFix
Please install the updated package(s).
'intel-microcode' package(s) on Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135)
It was discovered that certain Intel Xeon processors did not properly restrict access to a voltage modulation interface. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2019-11139)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for intel-microcode USN-4182-1 (OID:1.3.6.1.4.1.25623.1.0.844229)
Version used: 2019-12-12T11:35:23Z
The remote host is missing one or more known mitigation(s) on Linux Kernel side for the referenced 'TAA - TSX Asynchronous Abort' hardware vulnerabilities.
The Linux Kernel on the remote host is missing the mitigation for the "tsx_async_abort" hardware vulnerabilities as reported by the sysfs interface: sysfs file checked | Kernel status (SSH response) ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- /sys/devices/system/cpu/vulnerabilities/tsx_async_abort | sysfs file missing (cat: /sys/devices/system/cpu/vulnerabilities/tsx_async_abort: No such file or directory) Notes on the "Kernel status / SSH response" column: - sysfs file missing: The sysfs interface is available but the sysfs file for this specific vulnerability is missing. This means the kernel doesn't know this vulnerability yet and is not providing any mitigation which means the target system is vulnerable. - Strings including "Mitigation:", "Not affected" or "Vulnerable" are reported directly by the Linux Kernel. - All other strings are responses to various SSH commands.
Solution type:VendorFix
Enable the mitigation(s) in the Linux Kernel or update to a more recent Linux Kernel.
Checks previous gathered information on the mitigation status reported by the Linux Kernel.
Details: Missing Linux Kernel mitigations for 'TAA - TSX Asynchronous Abort' hardware vu... (OID:1.3.6.1.4.1.25623.1.0.108846)
Version used: 2020-08-25T06:01:08Z
| Product: | cpe:/a:linux:kernel |
| Method: | Detection of Linux Kernel mitigation status for hardware vulnerabilities (OID: 1.3.6.1.4.1.25623.1.0.108765 ) |
The remote host is missing an update for the 'libzstd' package(s) announced via the USN-4760-1 advisory.
Vulnerable package: libzstd1 Installed version: 1.3.3+dfsg-2ubuntu1 Fixed version: 1.3.3+dfsg-2ubuntu1.2
Solution type:VendorFix
Please install the updated package(s).
'libzstd' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS.
It was discovered that libzstd incorrectly handled file permissions. A local attacker could possibly use this issue to access certain files, contrary to expectations.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for libzstd (USN-4760-1) (OID:1.3.6.1.4.1.25623.1.0.844859)
Version used: 2021-05-03T06:46:42Z
The remote host is missing an update for the 'intel-microcode' package(s) announced via the USN-4628-3 advisory.
Vulnerable package: intel-microcode Installed version: 3.20180807a.0ubuntu0.18.04.1 Fixed version: 3.20210216.0ubuntu0.18.04.1
Solution type:VendorFix
Please install the updated package(s).
'intel-microcode' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS.
USN-4628-1 provided updated Intel Processor Microcode for various processor types. This update provides the corresponding updates for some additional processor types.
Original advisory details:
Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit (RAPL) feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8695)
Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly remove sensitive information before storage or transfer in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8696)
Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly isolate shared resources in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8698)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for intel-microcode (USN-4628-3) (OID:1.3.6.1.4.1.25623.1.0.844944)
Version used: 2021-05-25T12:16:58Z
The remote host is missing an update for the 'intel-microcode' package(s) announced via the USN-4182-3 advisory.
Vulnerable package: intel-microcode Installed version: 3.20180807a.0ubuntu0.18.04.1 Fixed version: 3.20191115.1ubuntu0.18.04.2
Solution type:VendorFix
Please install the updated package(s).
'intel-microcode' package(s) on Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
USN-4182-1 provided updated Intel Processor Microcode. A regression was discovered that caused some Skylake processors to hang after a warm reboot. This update reverts the microcode for that specific processor family.
We apologize for the inconvenience.
Original advisory details:
Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135)
It was discovered that certain Intel Xeon processors did not properly restrict access to a voltage modulation interface. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2019-11139)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for intel-microcode USN-4182-3 (OID:1.3.6.1.4.1.25623.1.0.844263)
Version used: 2019-12-12T11:35:23Z
The remote host is missing one or more known mitigation(s) on Linux Kernel side for the referenced 'SRBDS - Special Register Buffer Data Sampling' hardware vulnerabilities.
The Linux Kernel on the remote host is missing the mitigation for the "srbds" hardware vulnerabilities as reported by the sysfs interface: sysfs file checked | Kernel status (SSH response) -------------------------------------------------------------------------------------------------------------------------------------------------- /sys/devices/system/cpu/vulnerabilities/srbds | sysfs file missing (cat: /sys/devices/system/cpu/vulnerabilities/srbds: No such file or directory) Notes on the "Kernel status / SSH response" column: - sysfs file missing: The sysfs interface is available but the sysfs file for this specific vulnerability is missing. This means the kernel doesn't know this vulnerability yet and is not providing any mitigation which means the target system is vulnerable. - Strings including "Mitigation:", "Not affected" or "Vulnerable" are reported directly by the Linux Kernel. - All other strings are responses to various SSH commands.
Solution type:VendorFix
Enable the mitigation(s) in the Linux Kernel or update to a more recent Linux Kernel.
Checks previous gathered information on the mitigation status reported by the Linux Kernel.
Details: Missing Linux Kernel mitigations for 'SRBDS - Special Register Buffer Data Samp... (OID:1.3.6.1.4.1.25623.1.0.108845)
Version used: 2020-08-25T06:01:08Z
| Product: | cpe:/a:linux:kernel |
| Method: | Detection of Linux Kernel mitigation status for hardware vulnerabilities (OID: 1.3.6.1.4.1.25623.1.0.108765 ) |
The host is installed with Oracle Java SE JRE and is prone to some unspecified vulnerability.
Installed version: 1.7.0update_25 Fixed version: Apply the patch
Successful exploitation will allow local attackers to manipulate certain data.
Solution type:VendorFix
Apply the patch from the referenced advisory.
Oracle Java SE 7 update 72 and prior, and 8 update 25 and prior on Linux.
The flaw is due to an error in the Serviceability component.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE JRE Unspecified Vulnerability-02 Feb 2015 (Linux) (OID:1.3.6.1.4.1.25623.1.0.108405)
Version used: 2020-05-12T13:57:17Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'intel-microcode' package(s) announced via the USN-4985-1 advisory.
Vulnerable package: intel-microcode Installed version: 3.20180807a.0ubuntu0.18.04.1 Fixed version: 3.20210608.0ubuntu0.18.04.1
Solution type:VendorFix
Please install the updated package(s).
'intel-microcode' package(s) on Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS.
It was discovered that some Intel processors may not properly invalidate cache entries used by Intel Virtualization Technology for Directed I/O (VT-d). This may allow a local user to perform a privilege escalation attack. (CVE-2021-24489)
Joseph Nuzman discovered that some Intel processors may not properly apply EIBRS mitigations (originally developed for CVE-2017-5715) and hence may allow unauthorized memory reads via sidechannel attacks. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2020-24511)
Travis Downs discovered that some Intel processors did not properly flush cache-lines for trivial-data values. This may allow an unauthorized user to infer the presence of these trivial-data-cache-lines via timing sidechannel attacks. A local attacker could use this to expose sensitive information. (CVE-2020-24512)
It was discovered that certain Intel Atom processors could expose memory contents stored in microarchitectural buffers. A local attacker could use this to expose sensitive information. (CVE-2020-24513)
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu: Security Advisory for intel-microcode (USN-4985-1) (OID:1.3.6.1.4.1.25623.1.0.844973)
Version used: 2021-06-17T06:11:17Z
The host is installed with Oracle Java SE and is prone to a security vulnerability.
Installed version: 1.7.0update_25 Fixed version: Apply the patch Installation path / port: /opt/atlassian/jira/jre/bin/java
Successful exploitation will allow attackers to have an impact on confidentiality.
Solution type:VendorFix
Apply the appropriate patch from the vendor. Please see the references for more information.
Oracle Java SE version 1.7.0 to 1.7.0.221, 1.8.0 to 1.8.0.212 and 11.0 to 11.0.3 on Linux.
The flaw exists due to error in 'Security' component.
Checks if a vulnerable version is present on the target host.
Details: Oracle Java SE Security Updates (jul2019-5072835) 05 - Linux (OID:1.3.6.1.4.1.25623.1.0.815184)
Version used: 2020-10-29T15:35:19Z
| Product: | cpe:/a:oracle:jre:1.7.0:update_25 |
| Method: | Multiple Java Products Version Detection (Linux) (OID: 1.3.6.1.4.1.25623.1.0.800385 ) |
The remote host is missing an update for the 'linux' package(s) announced via the USN-4007-1 advisory.
Vulnerable package: linux-image-generic Installed version: 4.15.0.34.36 Fixed version: 4.15.0.51.53
Solution type:VendorFix
Please install the updated package(s).
'linux' package(s) on Ubuntu 18.04 LTS.
Federico Manuel Bento discovered that the Linux kernel did not properly apply Address Space Layout Randomization (ASLR) in some situations for setuid a.out binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid a.out binary.
As a hardening measure, this update disables a.out support.
Checks if a vulnerable package version is present on the target host.
Details: Ubuntu Update for linux USN-4007-1 (OID:1.3.6.1.4.1.25623.1.0.844036)
Version used: 2019-06-06T13:02:35Z
Host 192.168.99.30
| Scanning of this host started at: | Fri Aug 27 11:41:35 2021 UTC |
| Number of results: | 5 |
Port Summary for Host 192.168.99.30
| Service (Port) | Threat Level |
|---|---|
| general/tcp | Medium |
Security Issues for Host 192.168.99.30
The remote host is missing one or more known mitigation(s) on Linux Kernel side for the referenced 'iTLB multihit' hardware vulnerabilities.
The Linux Kernel on the remote host is missing the mitigation for the "itlb_multihit" hardware vulnerabilities as reported by the sysfs interface: sysfs file checked | Kernel status (SSH response) ------------------------------------------------------------------------------------ /sys/devices/system/cpu/vulnerabilities/itlb_multihit | KVM: Vulnerable Notes on the "Kernel status / SSH response" column: - sysfs file missing: The sysfs interface is available but the sysfs file for this specific vulnerability is missing. This means the kernel doesn't know this vulnerability yet and is not providing any mitigation which means the target system is vulnerable. - Strings including "Mitigation:", "Not affected" or "Vulnerable" are reported directly by the Linux Kernel. - All other strings are responses to various SSH commands.
Solution type:VendorFix
Enable the mitigation(s) in the Linux Kernel or update to a more recent Linux Kernel.
Checks previous gathered information on the mitigation status reported by the Linux Kernel.
Details: Missing Linux Kernel mitigations for 'iTLB multihit' hardware vulnerabilities (OID:1.3.6.1.4.1.25623.1.0.108766)
Version used: 2020-08-25T06:01:08Z
| Product: | cpe:/a:linux:kernel |
| Method: | Detection of Linux Kernel mitigation status for hardware vulnerabilities (OID: 1.3.6.1.4.1.25623.1.0.108765 ) |
The remote host is missing one or more known mitigation(s) on Linux Kernel side for the referenced 'MDS - Microarchitectural Data Sampling' hardware vulnerabilities.
The Linux Kernel on the remote host is missing the mitigation for the "mds" hardware vulnerabilities as reported by the sysfs interface: sysfs file checked | Kernel status (SSH response) --------------------------------------------------------------------------------------------------------------------------- /sys/devices/system/cpu/vulnerabilities/mds | Vulnerable: Clear CPU buffers attempted, no microcode; SMT Host state unknown Notes on the "Kernel status / SSH response" column: - sysfs file missing: The sysfs interface is available but the sysfs file for this specific vulnerability is missing. This means the kernel doesn't know this vulnerability yet and is not providing any mitigation which means the target system is vulnerable. - Strings including "Mitigation:", "Not affected" or "Vulnerable" are reported directly by the Linux Kernel. - All other strings are responses to various SSH commands.
Solution type:VendorFix
Enable the mitigation(s) in the Linux Kernel or update to a more recent Linux Kernel.
Checks previous gathered information on the mitigation status reported by the Linux Kernel.
Details: Missing Linux Kernel mitigations for 'MDS - Microarchitectural Data Sampling' h... (OID:1.3.6.1.4.1.25623.1.0.108840)
Version used: 2020-08-25T06:01:08Z
| Product: | cpe:/a:linux:kernel |
| Method: | Detection of Linux Kernel mitigation status for hardware vulnerabilities (OID: 1.3.6.1.4.1.25623.1.0.108765 ) |
The remote host implements TCP timestamps and therefore allows to compute the uptime.
It was detected that the host implements RFC1323/RFC7323. The following timestamps were retrieved with a delay of 1 seconds in-between: Packet 1: 507509694 Packet 2: 507510804
A side effect of this feature is that the uptime of the remote host can sometimes be computed.
Solution type:Mitigation
To disable TCP timestamps on linux add the line 'net.ipv4.tcp_timestamps = 0' to /etc/sysctl.conf. Execute 'sysctl -p' to apply the settings at runtime.
To disable TCP timestamps on Windows execute 'netsh int tcp set global timestamps=disabled'
Starting with Windows Server 2008 and Vista, the timestamp can not be completely disabled.
The default behavior of the TCP/IP stack on this Systems is to not use the Timestamp options when initiating TCP connections, but use them if the TCP peer that is initiating communication includes them in their synchronize (SYN) segment.
See the references for more information.
TCP implementations that implement RFC1323/RFC7323.
The remote host implements TCP timestamps, as defined by RFC1323/RFC7323.
Special IP packets are forged and sent with a little delay in between to the target IP. The responses are searched for a timestamps. If found, the timestamps are reported.
Details: TCP timestamps (OID:1.3.6.1.4.1.25623.1.0.80091)
Version used: 2020-08-24T08:40:10Z
The remote host is missing one or more known mitigation(s) on Linux Kernel side for the referenced 'TAA - TSX Asynchronous Abort' hardware vulnerabilities.
The Linux Kernel on the remote host is missing the mitigation for the "tsx_async_abort" hardware vulnerabilities as reported by the sysfs interface: sysfs file checked | Kernel status (SSH response) --------------------------------------------------------------------------------------------------------------------------------------- /sys/devices/system/cpu/vulnerabilities/tsx_async_abort | Vulnerable: Clear CPU buffers attempted, no microcode; SMT Host state unknown Notes on the "Kernel status / SSH response" column: - sysfs file missing: The sysfs interface is available but the sysfs file for this specific vulnerability is missing. This means the kernel doesn't know this vulnerability yet and is not providing any mitigation which means the target system is vulnerable. - Strings including "Mitigation:", "Not affected" or "Vulnerable" are reported directly by the Linux Kernel. - All other strings are responses to various SSH commands.
Solution type:VendorFix
Enable the mitigation(s) in the Linux Kernel or update to a more recent Linux Kernel.
Checks previous gathered information on the mitigation status reported by the Linux Kernel.
Details: Missing Linux Kernel mitigations for 'TAA - TSX Asynchronous Abort' hardware vu... (OID:1.3.6.1.4.1.25623.1.0.108846)
Version used: 2020-08-25T06:01:08Z
| Product: | cpe:/a:linux:kernel |
| Method: | Detection of Linux Kernel mitigation status for hardware vulnerabilities (OID: 1.3.6.1.4.1.25623.1.0.108765 ) |
The remote host is missing one or more known mitigation(s) on Linux Kernel side for the referenced 'SRBDS - Special Register Buffer Data Sampling' hardware vulnerabilities.
The Linux Kernel on the remote host is missing the mitigation for the "srbds" hardware vulnerabilities as reported by the sysfs interface: sysfs file checked | Kernel status (SSH response) -------------------------------------------------------------------------------------------------------------------------------------------------- /sys/devices/system/cpu/vulnerabilities/srbds | sysfs file missing (cat: /sys/devices/system/cpu/vulnerabilities/srbds: No such file or directory) Notes on the "Kernel status / SSH response" column: - sysfs file missing: The sysfs interface is available but the sysfs file for this specific vulnerability is missing. This means the kernel doesn't know this vulnerability yet and is not providing any mitigation which means the target system is vulnerable. - Strings including "Mitigation:", "Not affected" or "Vulnerable" are reported directly by the Linux Kernel. - All other strings are responses to various SSH commands.
Solution type:VendorFix
Enable the mitigation(s) in the Linux Kernel or update to a more recent Linux Kernel.
Checks previous gathered information on the mitigation status reported by the Linux Kernel.
Details: Missing Linux Kernel mitigations for 'SRBDS - Special Register Buffer Data Samp... (OID:1.3.6.1.4.1.25623.1.0.108845)
Version used: 2020-08-25T06:01:08Z
| Product: | cpe:/a:linux:kernel |
| Method: | Detection of Linux Kernel mitigation status for hardware vulnerabilities (OID: 1.3.6.1.4.1.25623.1.0.108765 ) |
Host 192.168.99.25
| Scanning of this host started at: | Fri Aug 27 11:41:35 2021 UTC |
| Number of results: | 2 |
Port Summary for Host 192.168.99.25
| Service (Port) | Threat Level |
|---|---|
| 443/tcp | Medium |
| general/tcp | Low |
Security Issues for Host 192.168.99.25
It was possible to detect the usage of the deprecated TLSv1.0 and/or TLSv1.1 protocol on this system.
In addition to TLSv1.2+ the service is also providing the deprecated TLSv1.1 protocol and supports one or more ciphers. Those supported ciphers can be found in the 'SSL/TLS: Report Weak and Supported Ciphers' (OID: 1.3.6.1.4.1.25623.1.0.802067) VT.
An attacker might be able to use the known cryptographic flaws to eavesdrop the connection between clients and the service to get access to sensitive data transferred within the secured connection.
Furthermore newly uncovered vulnerabilities in this protocols won't receive security updates anymore.
Solution type:Mitigation
It is recommended to disable the deprecated TLSv1.0 and/or TLSv1.1 protocols in favor of the TLSv1.2+ protocols. Please see the references for more information.
All services providing an encrypted communication using the TLSv1.0 and/or TLSv1.1 protocols.
The TLSv1.0 and TLSv1.1 protocols contain known cryptographic flaws like:
- CVE-2011-3389: Browser Exploit Against SSL/TLS (BEAST)
- CVE-2015-0204: Factoring Attack on RSA-EXPORT Keys Padding Oracle On Downgraded Legacy Encryption (FREAK)
Check the used TLS protocols of the services provided by this system.
Details: SSL/TLS: Deprecated TLSv1.0 and TLSv1.1 Protocol Detection (OID:1.3.6.1.4.1.25623.1.0.117274)
Version used: 2021-03-29T06:11:47Z
The remote host implements TCP timestamps and therefore allows to compute the uptime.
It was detected that the host implements RFC1323/RFC7323. The following timestamps were retrieved with a delay of 1 seconds in-between: Packet 1: 168308490 Packet 2: 168308765
A side effect of this feature is that the uptime of the remote host can sometimes be computed.
Solution type:Mitigation
To disable TCP timestamps on linux add the line 'net.ipv4.tcp_timestamps = 0' to /etc/sysctl.conf. Execute 'sysctl -p' to apply the settings at runtime.
To disable TCP timestamps on Windows execute 'netsh int tcp set global timestamps=disabled'
Starting with Windows Server 2008 and Vista, the timestamp can not be completely disabled.
The default behavior of the TCP/IP stack on this Systems is to not use the Timestamp options when initiating TCP connections, but use them if the TCP peer that is initiating communication includes them in their synchronize (SYN) segment.
See the references for more information.
TCP implementations that implement RFC1323/RFC7323.
The remote host implements TCP timestamps, as defined by RFC1323/RFC7323.
Special IP packets are forged and sent with a little delay in between to the target IP. The responses are searched for a timestamps. If found, the timestamps are reported.
Details: TCP timestamps (OID:1.3.6.1.4.1.25623.1.0.80091)
Version used: 2020-08-24T08:40:10Z
|
Contact Binary Confidence s.r.o. Špitálska 53, 811 01 Bratislava Slovak Republic info@binaryconfidence.com www.binaryconfidence.com |