[Forgot Password]
Login  Register Subscribe

24547

 
 

132803

 
 

127844

 
 

909

 
 

105823

 
 

152

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:54968
python-urllib3: HTTP library with thread-safe connection pooling for Python Several security issues were fixed in urllib3.

oval:org.secpod.oval:def:705084
patch: Apply a diff file to an original Several security issues were fixed in Patch.

oval:org.secpod.oval:def:1902005
snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir to the current working directory of the calling user, aka a "cwd restore permission bypass."

oval:org.secpod.oval:def:1902126
libqb-dev before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames without O_EXCL.

oval:org.secpod.oval:def:1901961
A flaw was found in Mercurial before 4.9. It was possible to use symlinks and subrepositories to defeat Mercurial"s path-checking logic and write files outside a repository.

oval:org.secpod.oval:def:1902113
An error within the "parse_tiff_ifd" function in LibRaw versions before 0.18.2 can be exploited to corrupt memory.

oval:org.secpod.oval:def:1901981
In the client side of Heimdal before 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack. This issue is in krb5_init_creds_step in lib/krb5/init_creds_pw.c.

oval:org.secpod.oval:def:1901952
It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will b ...

oval:org.secpod.oval:def:1902110
The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.

oval:org.secpod.oval:def:1901918
utils/find-opencv.js in node-opencv prior to 6.1.0 is vulnerable to Command Injection. It does not validate user input allowing attackers to execute arbitrary commands.

oval:org.secpod.oval:def:1902016
Unrestricted file upload in OCS Inventory NG ocsreports allows a privileged user to gain access to the server via crafted HTTP requests.

oval:org.secpod.oval:def:1901919
A heap-based buffer over-read was discovered in wasm::WasmBinaryBuilder::visitCall in wasm-binary.cpp in Binaryen 1.38.22. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-merge.

oval:org.secpod.oval:def:1901956
The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4.1.2 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted MPEG-4 video data.

oval:org.secpod.oval:def:1901949
In FFmpeg 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.

oval:org.secpod.oval:def:704993
db5.3: Berkeley DB Utilities Berkeley DB could be made to expose sensitive information.

oval:org.secpod.oval:def:1901967
An issue was discovered in GNU libiberty-dev, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.

oval:org.secpod.oval:def:1901945
A denial of service in the subtitle decoder in FFmpeg 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.

oval:org.secpod.oval:def:1902119
In wnm_parse_neighbor_report_elem of wnm_sta.c, there is a possible out-of-bounds read due to missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 ...

oval:org.secpod.oval:def:54575
ffmpeg: Tools for transcoding, streaming and playing of multimedia files FFmpeg could be made to crash if it opened a specially crafted file.

oval:org.secpod.oval:def:1902040
Out-of-bounds read in iconv.c:_php_iconv_mime_decode due to integer overflow

oval:org.secpod.oval:def:704953
libmediainfo: library reading metadata from media files MediaInfo could be made to crash if it opened a specially crafted file.

oval:org.secpod.oval:def:1901973
An out-of-bounds read in File__Analyze::Get_L8 in File__Analyze_Buffer.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash.

oval:org.secpod.oval:def:1901974
An out-of-bounds read in MediaInfoLib::File__Tags_Helper::Synched_Test in Tag/File__Tags.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash.

oval:org.secpod.oval:def:1902034
SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.

oval:org.secpod.oval:def:1902031
Capstone 3.0.4 has an out-of-bounds vulnerability in X86_insn_reg_intel in arch/X86/X86Mapping.c.

oval:org.secpod.oval:def:704924
memcached: high-performance memory object caching system Memcached could be made to crash if it received specially crafted network traffic.

oval:org.secpod.oval:def:1901923
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service or possibly have unspecified other ...

oval:org.secpod.oval:def:1901926
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6 located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service or possibly have unspecified other im ...

oval:org.secpod.oval:def:1901957
An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c allows a NULL pointer dereference.

oval:org.secpod.oval:def:1901960
The EAP-pwd implementation in hostapd before 2.8 and wpasupplicant_supplicant before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference . This affects ea ...

oval:org.secpod.oval:def:1902136
Jonathan Looney discovered that the Linux kernel could be coerced into segmenting responses into multiple TCP segments. A remote attacker could construct an ongoing sequence of requests to cause a denial of service.

oval:org.secpod.oval:def:1901934
[Crafted null dereference attack in authenticated mode 6 packet]

oval:org.secpod.oval:def:1901943
libavcodec/hevcdec.c in FFmpeg 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted HEVC data.

oval:org.secpod.oval:def:1902047
An issue was discovered in CImg v.220. DoS occurs when loading a crafted bmp image that triggers an allocation failure in load_bmp in CImg.h.

oval:org.secpod.oval:def:705017
linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors - li ...

oval:org.secpod.oval:def:54577
wpa: client support for WPA and WPA2 wpa_supplicant and hostapd could be made to crash if they received specially crafted network traffic.

oval:org.secpod.oval:def:1902000
Cross-site scripting vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

oval:org.secpod.oval:def:1901969
An issue was discovered in GNU libiberty-dev, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.

oval:org.secpod.oval:def:55664
ceph: distributed storage and file system Several security issues were fixed in Ceph.

oval:org.secpod.oval:def:704944
samba: SMB/CIFS file, print, and login server for Unix Samba could allow unintended access to network services.

oval:org.secpod.oval:def:704925
python-gnupg: Python wrapper for the GNU Privacy Guard Several security issues were fixed in python-gnupg

oval:org.secpod.oval:def:1901916
An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service or possibly have unspecified other impact.

oval:org.secpod.oval:def:1902007
The hesiod_init function in lib/hesiod.c in Hesiod 3.2.1 compares EUID with UID to determine whether to use configurations from environment variables, which allows local users to gain privileges via the HESIOD_CONFIG or HES_DOMAIN environment variable and leveraging certain SUID/SGUID binary.

oval:org.secpod.oval:def:1901955
It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially differe ...

oval:org.secpod.oval:def:705049
znc: advanced modular IRC bouncer znc could be made to crash or run programs as an administrator if it opened a specially crafted file.

oval:org.secpod.oval:def:704995
php7.2: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:1902010
It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask policy. This only affects xdg-user-dirs before 0.15.5 as shipped with Red Hat Enterprise Linux.

oval:org.secpod.oval:def:1902013
Insecure permissions for systemd socket for virtlockd/virtlogd The virtlockd-admin.socket and virtlogd-admin.socket unit files do not set the SocketMode parameter and thus create a world accessible UNIX domain socket. Furthermore the code fails to validate the identity of clients connecting to these ...

oval:org.secpod.oval:def:1901964
An issue was discovered in GNOME Nautilus 3.30 prior to 3.30.6 and 3.32 prior to 3.32.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of the thumbnailer"s controlling terminal, allowing an ...

oval:org.secpod.oval:def:1901966
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.

oval:org.secpod.oval:def:1901948
An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the statically declared array, aka a stack-based buffer overflow.

oval:org.secpod.oval:def:1901941
gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code on embedded platforms via traffic on Port 2947/TCP or crafted JSON inputs.

oval:org.secpod.oval:def:704975
libseccomp: library for working with the Linux seccomp filter libseccomp could allow unintended access to system calls.

oval:org.secpod.oval:def:1902044
heap-buffer-overflow on php_jpg_get16

oval:org.secpod.oval:def:1901997
The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls back to the ".athena.mit.edu" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache.

oval:org.secpod.oval:def:704934
ghostscript: PostScript and PDF interpreter Ghostscript could be made to crash, access files, or run programs if it opened a specially crafted file.

oval:org.secpod.oval:def:704933
monit: utility for monitoring and managing daemons or similar programs Several security issues were fixed in Monit

oval:org.secpod.oval:def:704913
freeradius: high-performance and highly configurable RADIUS server FreeRADIUS could be made to bypass authentication if it received a specially crafted input.

oval:org.secpod.oval:def:1901925
FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array Index vulnerability in libavcodec/cbs_av1.c that can result in Denial of service. This attack appears to be exploitable via specially crafted AV1 file has to be provided as input. This vulnerability appears to have been fixed in aft ...

oval:org.secpod.oval:def:1902054
aa_read_header in libavformat/aadec.c in FFmpeg before 3.2.14 does not check for sscanf failure and consequently allows use of uninitialized variables.

oval:org.secpod.oval:def:705077
libreoffice: Office productivity suite Several security issues were fixed in LibreOffice.

oval:org.secpod.oval:def:1901979
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.2. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n followed by an HTTP header or a Redis command.

oval:org.secpod.oval:def:704915
advancecomp: collection of recompression utilities Details: USN-3936-1 fixed a vulnerability in AdvanceCOMP. This update provides the corresponding update for Ubuntu 19.04. Original advisory AdvanceCOMP could be made to run arbitrary code if it opened a specially crafted file.

oval:org.secpod.oval:def:1901921
lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c.

oval:org.secpod.oval:def:1901950
An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow.

oval:org.secpod.oval:def:705056
docker.io: Linux container runtime Docker could be made to overwrite files as the administrator.

oval:org.secpod.oval:def:704989
linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors Seve ...

oval:org.secpod.oval:def:1901944
An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsx_valloc macro that wraps malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow in channels_start in remix.c.

oval:org.secpod.oval:def:1901995
An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.

oval:org.secpod.oval:def:1901915
Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution.

oval:org.secpod.oval:def:1902120
In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtoimage function in jpwl/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.

oval:org.secpod.oval:def:1902039
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn"t implement query_info_on_read/write.

oval:org.secpod.oval:def:1902038
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used.

oval:org.secpod.oval:def:1902035
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file"s user and group ownership during move operations from admin:// to file:// URIs, because root privileges are unavailable.

oval:org.secpod.oval:def:1901914
ARM Trusted Firmware-A allows information disclosure.

oval:org.secpod.oval:def:1901917
An incorrect permissions check was discovered in libvirt-dev 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block.

oval:org.secpod.oval:def:705078
squid: Web proxy cache server - squid3: Web proxy cache server Several security issues were fixed in Squid.

oval:org.secpod.oval:def:1902121
In Horde Groupware 5.2.19, there is XSS via the Name field during creation of a new Resource. This can be leveraged for remote code execution after compromising an administrator account, because the CVE-2015-7984 CSRF protection mechanism can then be bypassed.

oval:org.secpod.oval:def:1902105
Privileged API responses that include whether a recent change has been patrolled may be cached publicly.

oval:org.secpod.oval:def:1902108
Loading user JavaScript from a non-existent account allows anyone to create the account, and XSS the users" loading that script.

oval:org.secpod.oval:def:704972
thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird.

oval:org.secpod.oval:def:1902043
AdminURLFieldWidget XSS

oval:org.secpod.oval:def:1902051
In Yubico libpam-u2f 1.0.7, when configured with debug and a custom debug log file is set using debug_file, that file descriptor is not closed when a new process is spawned. This leads to the file descriptor being inherited into the child process; the child process can then read from and write to it ...

oval:org.secpod.oval:def:704957
firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website.

oval:org.secpod.oval:def:705085
ansible: Configuration management, deployment, and task execution system Several security issues were fixed in Ansible.

oval:org.secpod.oval:def:1901951
aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file.

oval:org.secpod.oval:def:1901935
Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header.

oval:org.secpod.oval:def:1901937
TeX Live through 20170524 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to linked_scripts/context/stubs/unix/mtxrun, texmf-dist/scripts/context/ ...

oval:org.secpod.oval:def:1901936
Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334.

oval:org.secpod.oval:def:1902045
In Godot through 3.1, remote code execution is possible due to the deserialization policy not being applied correctly.

oval:org.secpod.oval:def:54573
aria2: High speed command-line download utility aria2 stores authentication information in plain text.

oval:org.secpod.oval:def:1901970
An issue was discovered in TCPDF before 6.2.22. Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.

oval:org.secpod.oval:def:1902053
An issue was discovered in phpMyAdmin before 4.8.6. A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature.

oval:org.secpod.oval:def:1902052
An issue was discovered in phpMyAdmin before 4.9.0. A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken <img> tag pointing at the victim"s phpMyAdmin database, and the attacker can ...

oval:org.secpod.oval:def:55182
The grub boot loader should have password protection enabled.

oval:org.secpod.oval:def:55183
The grub configuration file contains information on boot settings and passwords for unlocking boot options. The grub configuration is usually grub.cfg stored in /boot/grub.

oval:org.secpod.oval:def:55180
The /etc/hosts.allow file contains networking information that is used by many applications and therefore must be readable for these applications to operate.

oval:org.secpod.oval:def:55181
Global IPv6 initialization should be disabled.

oval:org.secpod.oval:def:55186
The system's default desktop environment, GNOME, will mount devices and removable media (such as DVDs, CDs and USB flash drives) whenever they are inserted into the system. Disable automount and autorun within GNOME.

oval:org.secpod.oval:def:55187
The kernel module tipc should be disabled.

oval:org.secpod.oval:def:55184
The kernel runtime parameter "kernel.randomize_va_space" should be set to "2".

oval:org.secpod.oval:def:55185
Core dumps for all users should be disabled

oval:org.secpod.oval:def:55188
chargen is a network service that responds with 0 to 512 ASCII characters for each connection it receives. This service is intended for debugging and testing purposes. It is recommended that this service be disabled.

oval:org.secpod.oval:def:55189
The kernel module rds should be disabled.

oval:org.secpod.oval:def:55190
Once the rsyslog package is installed it needs to be activated. If the rsyslog service is not activated the system will not have a syslog service running

oval:org.secpod.oval:def:55193
The Berkeley rsh-server (rsh, rlogin, rcp) package contains legacy services that exchange credentials in clear-text.

oval:org.secpod.oval:def:55194
The eXtended InterNET Daemon ( xinetd ) is an open source super daemon that replaced the original inetd daemon. The xinetd daemon listens for well known services and dispatches the appropriate daemon to properly respond to service requests.

oval:org.secpod.oval:def:55191
max_log_file setting in /etc/audit/auditd.conf is set to at least a certain value

oval:org.secpod.oval:def:55192
The talk software makes it possible for users to send and receive messages across systems through a terminal session. The talk client (allows initiate of talk sessions) is installed by default.

oval:org.secpod.oval:def:55197
The kernel module dccp should be disabled.

oval:org.secpod.oval:def:55198
Implement periodic file checking, in compliance with site policy.

oval:org.secpod.oval:def:55195
The kernel module sctp should be disabled.

oval:org.secpod.oval:def:55196
Trivial File Transfer Protocol (TFTP) is a simple file transfer protocol, typically used to automatically transfer configuration or boot machines from a boot server. The packages tftp and atftp are both used to define and support a TFTP server.

oval:org.secpod.oval:def:55199
Syslog logs should be sent to a remote loghost

oval:org.secpod.oval:def:704917
bind9: Internet Domain Name Server Bind could be made to consume resources if it received specially crafted network traffic.

oval:org.secpod.oval:def:704914
Ubuntu 19.04 is installed

oval:org.secpod.oval:def:55094
The Set Lockout Time For Failed Password Attempts should be set correctly.

oval:org.secpod.oval:def:55095
The minimum password age policy should be set appropriately.

oval:org.secpod.oval:def:55098
The maximum password age policy should meet minimum requirements.

oval:org.secpod.oval:def:55099
The /etc/group file contains a list of all the valid groups defined in the system. The command below allows read/write access for root and read access for everyone else.

oval:org.secpod.oval:def:55096
The kernel runtime parameter "net.ipv6.conf.default.accept_ra" should be set to "0".

oval:org.secpod.oval:def:55097
The pam_cracklib module checks the strength of passwords. It performs checks such as making sure a password is not a dictionary word, it is a certain length, contains a mix of characters (e.g. alphabet, numeric, other) and more. The following are definitions of the pam_cracklib.so options. * retr ...

oval:org.secpod.oval:def:55142
The prelinking feature changes binaries in an attempt to decrease their startup time.

oval:org.secpod.oval:def:55143
By default, rsyslog does not listen for log messages coming in from remote systems. The ModLoad tells rsyslog to load the imtcp.so module so it can listen over a network via TCP. The InputTCPServerRun option instructs rsyslogd to listen on the specified TCP port. The guidance in the section ensures ...

oval:org.secpod.oval:def:55140
Monitor the use of system calls associated with the deletion or renaming of files and file attributes. This configuration statement sets up monitoring for the unlink (remove a file), unlinkat (remove a file attribute), rename (rename a file) and renameat (rename a file attribute) system calls and ta ...

oval:org.secpod.oval:def:55141
Monitor the use of the mount system call. The mount (and umount) system call controls the mounting and unmounting of file systems. The parameters below configure the system to create an audit record when the mount system call is used by a non-privileged user. It is highly unusual for a non privileg ...

oval:org.secpod.oval:def:55146
Monitor scope changes for system administrations. If the system has been properly configured to force system administrators to log in as themselves first and then use the sudo command to execute privileged commands, it is possible to monitor changes in scope. The file /etc/sudoers will be written t ...

oval:org.secpod.oval:def:55147
Set system audit so that audit rules cannot be modified with auditctl. Setting the flag "-e 2" forces audit to be put in immutable mode. Audit changes can only be made on system reboot. In immutable mode, unauthorized users cannot execute changes to the audit system to potentially hide malicious ac ...

oval:org.secpod.oval:def:55144
The Network Information Service (NIS), formerly known as Yellow Pages, is a client-server directory service protocol used to distribute system configuration files.

oval:org.secpod.oval:def:55145
Monitor the sudo log file. If the system has been properly configured to disable the use of the su command and force all administrators to have to log in first and then use sudo to execute privileged commands, then all administrator commands will be logged to /var/log/sudo.log. Any time a command is ...

oval:org.secpod.oval:def:55139
Monitor for unsuccessful attempts to access files. The parameters below are associated with system calls that control creation (creat), opening (open, openat) and truncation (truncate, ftruncate) of files. An audit log record will only be written if the user is a nonprivileged user (auid > = 500), i ...

oval:org.secpod.oval:def:55137
Record changes to network environment files or system calls. The below parameters monitor the sethostname (set the systems host name) or setdomainname (set the systems domainname) system calls, and write an audit event on system call exit. The other parameters monitor the /etc/issue and /etc/issue.n ...

oval:org.secpod.oval:def:55138
Record events affecting the group, passwd (user IDs), shadow and gshadow (passwords) or /etc/security/opasswd (old passwords, based on remember parameter in the PAM configuration) files. The parameters in this section will watch the files to see if they have been opened for write or have had attribu ...

oval:org.secpod.oval:def:55150
The rsh package contains the client commands for the rsh services.

oval:org.secpod.oval:def:55153
The DPKG package 'aide' should be installed.

oval:org.secpod.oval:def:55154
The Lightweight Directory Access Protocol (LDAP) was introduced as a replacement for NIS/YP. It is a service that provides a method for looking up information from a central database.

oval:org.secpod.oval:def:55151
The DPKG package 'xserver-xorg-core' should be removed.

oval:org.secpod.oval:def:55152
The telnet service should be enabled or disabled as appropriate.

oval:org.secpod.oval:def:55157
TCP Wrappers provides a simple access list and standardized logging method for services capable of supporting it. In the past, services that were called from inetd and xinetd supported the use of tcp wrappers. As inetd and xinetd have been falling in disuse, any service that can support tcp wrappers ...

oval:org.secpod.oval:def:55158
Remote connections (SSH) from accounts with empty passwords should be disabled (and dependencies are met).

oval:org.secpod.oval:def:55155
The Network Time Protocol (NTP) is designed to synchronize system clocks across a variety of systems and use a source that is highly accurate. More information on NTP can be found at http://www.ntp.org. NTP can be configured to be a client and/or a server.

oval:org.secpod.oval:def:55156
The DPKG package 'rsyslog' should be installed.

oval:org.secpod.oval:def:55148
Monitor the loading and unloading of kernel modules. The programs insmod (install a kernel module), rmmod (remove a kernel module), and modprobe (a more sophisticated program to load and unload modules, as well as some other features) control loading and unloading of modules. The init_module (load a ...

oval:org.secpod.oval:def:55149
The talk software makes it possible for users to send and receive messages across systems through a terminal session.

oval:org.secpod.oval:def:55160
The kernel module cramfs should be disabled.

oval:org.secpod.oval:def:55161
The Banner parameter specifies a file whose contents must be sent to the remote user before authentication is permitted. By default, no banner is displayed.

oval:org.secpod.oval:def:55164
Emulation of the rsh command through the ssh server should be disabled (and dependencies are met)

oval:org.secpod.oval:def:55165
The kernel module udf should be disabled.

oval:org.secpod.oval:def:55162
IPtables is an application that allows a system administrator to configure the IPv4 tables, chains and rules provided by the Linux kernel firewall. ufw was developed to ease IPtables firewall configuration.

oval:org.secpod.oval:def:55163
The two options ClientAliveInterval and ClientAliveCountMax control the timeout of ssh sessions. When the ClientAliveInterval variable is set, ssh sessions that have no activity for the specified length of time are terminated. When the ClientAliveCountMax variable is set, sshd will send client alive ...

oval:org.secpod.oval:def:55168
The kernel runtime parameter "net.ipv4.icmp_echo_ignore_broadcasts" should be set to "1".

oval:org.secpod.oval:def:55169
The kernel runtime parameter "net.ipv4.tcp_syncookies" should be set to "1".

oval:org.secpod.oval:def:55166
The kernel runtime parameter "net.ipv4.icmp_ignore_bogus_error_responses" should be set to "1".

oval:org.secpod.oval:def:55167
The squashfs Kernel Module should be disabled.

oval:org.secpod.oval:def:55159
SSH's cryptographic host-based authentication is more secure than .rhosts authentication. However, it is not recommended that hosts unilaterally trust one another, even within an organization.

oval:org.secpod.oval:def:55171
Install and turn on the auditd daemon to record system events. The capturing of system events provides system administrators with information to allow them to determine if unauthorized access to their system is occurring

oval:org.secpod.oval:def:55172
The kernel module jffs2 should be disabled.

oval:org.secpod.oval:def:55170
The kernel runtime parameter "net.ipv4.conf.all.rp_filter" should be set to "1".

oval:org.secpod.oval:def:55175
The kernel module hfsplus should be disabled.

oval:org.secpod.oval:def:55176
The kernel runtime parameter "net.ipv4.conf.all.log_martians" should be set to "1".

oval:org.secpod.oval:def:55173
The kernel module freevxfs should be disabled.

oval:org.secpod.oval:def:55174
The file /etc/securetty contains a list of valid terminals that may be logged in directly as root.

oval:org.secpod.oval:def:55179
The kernel runtime parameter "net.ipv6.conf.default.accept_redirects" should be set to "0".

oval:org.secpod.oval:def:55177
The kernel module hfs should be disabled.

oval:org.secpod.oval:def:55178
File permission for '/etc/hosts.deny' is set to appropriate values.

oval:org.secpod.oval:def:1901959
Byobu Apport hook may disclose sensitive information since it automatically uploads the local user"s .screenrc which may contain private hostnames, usernames and passwords.

oval:org.secpod.oval:def:55102
This test makes sure that '/etc/shadow' file permission is setted as appropriate. If the target file or directory has an extended ACL then it will fail the mode check.

oval:org.secpod.oval:def:55103
The /etc/shadow file contains the one-way cipher text passwords for each user defined in the /etc/passwd file. The command below sets the user and group ownership of the file to root.

oval:org.secpod.oval:def:55100
Only SSH protocol version 2 connections should be permitted.

oval:org.secpod.oval:def:55101
Root login via SSH should be disabled (and dependencies are met)

oval:org.secpod.oval:def:55216
The /etc/cron.daily directory contains system cron jobs that need to run on a daily basis. The files in this directory cannot be manipulated by the crontab command, but are instead edited by system administrators using a text editor. The commands below restrict read/write and search access to user a ...

oval:org.secpod.oval:def:55217
The File Transfer Protocol (FTP) provides networked computers with the ability to transfer files.

oval:org.secpod.oval:def:55214
The Dynamic Host Configuration Protocol (DHCP) is a service that allows machines to be dynamically assigned IP addresses.

oval:org.secpod.oval:def:55215
Dovecot is an open source IMAP and POP3 server for Linux based systems.

oval:org.secpod.oval:def:55218
This directory contains system cron jobs that need to run on an hourly basis. The files in this directory cannot be manipulated by the crontab command, but are instead edited by system administrators using a text editor. The commands below restrict read/write and search access to user and group root ...

oval:org.secpod.oval:def:55110
The kernel runtime parameter "net.ipv4.ip_forward" should be set to "0".

oval:org.secpod.oval:def:55113
Squid is a standard proxy server used in many distributions and environments.

oval:org.secpod.oval:def:55114
The PermitUserEnvironment option allows users to present environment options to the ssh daemon.

oval:org.secpod.oval:def:55111
The Samba daemon allows system administrators to configure their Linux systems to share file systems and directories with Windows desktops. Samba will advertise the file systems and directories via the Small Message Block (SMB) protocol. Windows desktop users will be able to mount these directories ...

oval:org.secpod.oval:def:55112
The Simple Network Management Protocol (SNMP) server is used to listen for SNMP commands from an SNMP management system, execute the commands or collect the information and then send results back to the requesting system.

oval:org.secpod.oval:def:55106
The passwords to remember should be set correctly.

oval:org.secpod.oval:def:55107
The rsyncd service can be used to synchronize files between systems over network links.

oval:org.secpod.oval:def:55104
The /etc/passwd file contains a list of all the valid userIDs defined in the system, but not the passwords. The command below sets the owner and group of the file to root.

oval:org.secpod.oval:def:55105
File permission for '/etc/ssh/sshd_config' is set to appropriate values.

oval:org.secpod.oval:def:55108
Mail Transfer Agents (MTA), such as sendmail and Postfix, are used to listen for incoming mail and transfer the messages to the appropriate user or mail server. If the system is not intended to be a mail server, it is recommended that the MTA be configured to only process local mail.

oval:org.secpod.oval:def:55109
The kernel runtime parameter "net.ipv4.conf.all.send_redirects" should be set to "0".

oval:org.secpod.oval:def:704999
firefox: Mozilla Open Source web browser Details: USN-3991-1 fixed vulnerabilities in Firefox. The update caused a regression which resulted in issues when upgrading between Ubuntu releases. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-3991-1 caused a regr ...

oval:org.secpod.oval:def:705036
policykit-desktop-privileges: run common desktop actions without password A security improvement has been made to policykit-desktop-privileges.

oval:org.secpod.oval:def:55120
The MaxAuthTries parameter specifies the maximum number of authentication attempts permitted per connection. When the login failure count reaches half the number, error messages will be written to the syslog file detailing the login failure.

oval:org.secpod.oval:def:55121
The kernel runtime parameter "net.ipv4.conf.default.secure_redirects" should be set to "0".

oval:org.secpod.oval:def:55124
File permissions for '/etc/group' should be set correctly.

oval:org.secpod.oval:def:55125
The default umask for all users specified in /etc/login.defs

oval:org.secpod.oval:def:1902109
A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Me ...

oval:org.secpod.oval:def:55122
The X11Forwarding parameter provides the ability to tunnel X11 traffic through the connection to enable remote graphic connections.

oval:org.secpod.oval:def:55123
The Set Password Warning Age should be set appropriately.

oval:org.secpod.oval:def:55117
The kernel runtime parameter "net.ipv4.conf.default.accept_redirects" should be set to "0".

oval:org.secpod.oval:def:55118
The Kernel Parameter for Accepting Source-Routed Packets By Default should be enabled or disabled as appropriate. The kernel runtime parameter "net.ipv4.conf.default.accept_source_route" should be set to "0".

oval:org.secpod.oval:def:55115
The su command allows a user to run a command or shell as another user. The program has been superseded by sudo, which allows for more granular control over privileged access. Normally, the su command can be executed by any user. By uncommenting the pam_wheel.so statement in /etc/pam.d/su, the su co ...

oval:org.secpod.oval:def:55116
There are several options available to limit which users and group can access the system via SSH. It is recommended that at least one of the following options be leveraged: AllowUsers The AllowUsers variable gives the system administrator the option of allowing specific users to ssh into the syste ...

oval:org.secpod.oval:def:55119
The INFO parameter specifies that record login and logout activity will be logged.

oval:org.secpod.oval:def:1902114
An error related to the "LibRaw::panasonic_load_raw" function in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image.

oval:org.secpod.oval:def:55131
Monitor login and logout events. The parameters below track changes to files associated with login/logout events. The file /var/log/faillog tracks failed events from login. The file /var/log/lastlog maintain records of the last time a user successfully logged in. The file /var/log/tallylog maintains ...

oval:org.secpod.oval:def:55132
Monitor SELinux mandatory access controls. The parameters below monitor any write access (potential additional, deletion or modification of files in the directory) or attribute changes to the /etc/selinux directory. Changes to files in this directory could indicate that an unauthorized user is atte ...

oval:org.secpod.oval:def:55130
The auditd daemon can be configured to halt the system when the audit logs are full. In high security contexts, the risk of detecting unauthorized access or nonrepudiation exceeds the benefit of the system's availability. space_left_action, action_mail_acct and admin_space_left_action setting in / ...

oval:org.secpod.oval:def:55135
Capture events where the system date and/or time has been modified. The parameters in this section are set to determine if the adjtimex (tune kernel clock), settimeofday (Set time, using timeval and timezone structures) stime (using seconds since 1/1/1970) or clock_settime (allows for the setting of ...

oval:org.secpod.oval:def:55136
Configure grub or lilo so that processes that are capable of being audited can be audited even if they start up prior to auditd startup. Audit events need to be captured on processes that start up prior to auditd, so that potential malicious activity cannot go undetected.

oval:org.secpod.oval:def:55133
Monitor changes to file permissions, attributes, ownership and group. The parameters in this section track changes for system calls that affect file permissions and attributes. The chmod, fchmod and fchmodat system calls affect the permissions associated with a file. The chown, fchown, fchownat and ...

oval:org.secpod.oval:def:55134
Monitor session initiation events. The parameters in this section track changes to the files associated with session events. The file /var/run/utmp file tracks all currently logged in users. The /var/log/wtmp file tracks logins, logouts, shutdown and reboot events. All audit records will be tagged w ...

oval:org.secpod.oval:def:55128
The accounts should be configured to expire automatically following Inactivity accounts.

oval:org.secpod.oval:def:55129
Normally, auditd will hold 4 logs of maximum log file size before deleting older log files. In high security contexts, the benefits of maintaining a long audit history exceed the cost of storing the audit history. max_log_file_action setting in /etc/audit/auditd.conf is set to at least a certain v ...

oval:org.secpod.oval:def:55126
The root account is the only system account that should have a login shell.

oval:org.secpod.oval:def:55127
This test makes sure that '/etc/passwd' has proper permission. If the target file or directory has an extended ACL then it will fail the mode check.

oval:org.secpod.oval:def:704960
curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl.

oval:org.secpod.oval:def:704961
webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+.

oval:org.secpod.oval:def:705013
firefox: Mozilla Open Source web browser Details: USN-3991-1 fixed vulnerabilities in Firefox, and USN-3991-2 fixed a subsequent regression. The update caused an additional regression that resulted in Firefox failing to load correctly after executing it in safe mode. This update fixes the problem. W ...

oval:org.secpod.oval:def:55201
The logrotate (syslog rotater) service should be enabled.

oval:org.secpod.oval:def:55202
time is a network service that responds with the server's current date and time as a 32 bit integer. This service is intended for debugging and testing purposes. It is recommended that this service be disabled.

oval:org.secpod.oval:def:55200
The cron daemon is used to execute batch jobs on the system.

oval:org.secpod.oval:def:55212
The Network File System (NFS) is one of the first and most widely distributed file systems in the UNIX environment. It provides the ability for systems to mount file systems of other servers through the network.

oval:org.secpod.oval:def:55213
The /etc/crontab file is used by cron to control its own jobs. The commands in this item make sure that root is the user and group owner of the file and that only the owner can access the file.

oval:org.secpod.oval:def:55210
Configure /etc/cron.allow and /etc/at.allow to allow specific users to use these services. If /etc/cron.allow or /etc/at.allow do not exist, then /etc/at.deny and /etc/cron.deny are checked. Any user not specifically defined in those files is allowed to use at and cron. By removing the files, only u ...

oval:org.secpod.oval:def:55211
Access permission for '/etc/cron.d' is set to appropriate values.

oval:org.secpod.oval:def:55205
Avahi is a free zeroconf implementation, including a system for multicast DNS/DNS-SD service discovery. Avahi allows programs to publish and discover services and hosts running on a local network with no specific configuration. For example, a user can plug a computer into a network and Avahi automat ...

oval:org.secpod.oval:def:55206
echo is a network service that responds to clients with the data sent to it by the client. This service is intended for debugging and testing purposes. It is recommended that this service be disabled.

oval:org.secpod.oval:def:55203
discard is a network service that responds to clients with the data sent to it by the client. This service is intended for debugging and testing purposes. It is recommended that this service be disabled.

oval:org.secpod.oval:def:55204
The Common Unix Print System (CUPS) provides the ability to print to both local and network printers. A system running CUPS can also accept print jobs from remote systems and print them to local printers. It also provides a web based remote administration capability.

oval:org.secpod.oval:def:55209
The /etc/cron.weekly directory contains system cron jobs that need to run on a weekly basis. The files in this directory cannot be manipulated by the crontab command, but are instead edited by system administrators using a text editor. The commands below restrict read/write and search access to user ...

oval:org.secpod.oval:def:55207
daytime is a network service that responds with the server's current date and time. This service is intended for debugging and testing purposes. It is recommended that this service be disabled.

oval:org.secpod.oval:def:55208
Access permission for '/etc/cron.monthly' is set to appropriate values.

oval:org.secpod.oval:def:1901980
An issue was discovered in supplementary Go cryptography libraries, aka golang-googlecode-go-crypto, before 2019-03-20. A flaw was found in the amd64 implementation of golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa. If more than 256 GiB of keystream is generated, or if the counter ...

oval:org.secpod.oval:def:1901993
systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE check is mishandled.

oval:org.secpod.oval:def:704998
jinja2: small but fast and easy to use stand-alone template engine Several security issues were fixed in Jinja2.

oval:org.secpod.oval:def:1901978
cleartext message spoofing

oval:org.secpod.oval:def:705083
linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - ...

oval:org.secpod.oval:def:1902097
Passing invalid titles to the API could cause a DoS by querying the entire `watchlist` table.

oval:org.secpod.oval:def:1902006
The mad_bit_skip function in bit.c in Underbit MAD libmad0-dev 0.15.1b allows remote attackers to cause a denial of service via a crafted audio file.

oval:org.secpod.oval:def:705050
thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird.

oval:org.secpod.oval:def:1902015
libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR multiple arguments rather than ANDing them. A process running under a restrictive seccomp filter that specified multiple syscall arguments could bypass intended access restrictions by specifying a single matching argument.

oval:org.secpod.oval:def:1901946
treeRead in hdf/btree.c in libmysofa0 before 0.7 does not properly validate multiplications and additions.

oval:org.secpod.oval:def:1901999
The mad_layer_III function in layer3.c in Underbit MAD libmad0-dev 0.15.1b allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file.

oval:org.secpod.oval:def:1901998
The mad_layer_III function in layer3.c in Underbit MAD libmad0-dev 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a denial of service via a crafted audio file.

oval:org.secpod.oval:def:704967
gnome-desktop3: Introspection data for GnomeDesktop gnome-desktop could be made to escape the thumbnailer sandbox.

oval:org.secpod.oval:def:1902026
An issue was discovered in Dropbox Lepton 1.2.1. The validateAndCompress function in validation.cc allows remote attackers to cause a denial of service via a malformed file.

oval:org.secpod.oval:def:1902100
An account can be logged out without using a token

oval:org.secpod.oval:def:1901912
An exploitable SQL injection vulnerability exists in the administrator web portal function of coTURN prior to version 4.5.0.9. A login message with a specially crafted username can cause an SQL injection, resulting in authentication bypass, which could give access to the TURN server administrator we ...

oval:org.secpod.oval:def:1902098
A spammer can use Special:ChangeEmail to send out spam with no rate limiting or ability to block them.

oval:org.secpod.oval:def:1902094
Exposed suppressed username or log in Special:EditTags.

oval:org.secpod.oval:def:1901920
In trytond/model/modelstorage.py in Tryton 4.2 before 4.2.21, 4.4 before 4.4.19, 4.6 before 4.6.14, 4.8 before 4.8.10, and 5.0 before 5.0.6, an authenticated user can order records based on a field for which he has no access right. This may allow the user to guess values.

oval:org.secpod.oval:def:1902003
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned . A malicious scp server can overwrite arbitrary ...

oval:org.secpod.oval:def:1902103
Exposed suppressed log in RevisionDelete page.

oval:org.secpod.oval:def:1902104
It is possible to bypass the limits on IP range blocks by using the API.

oval:org.secpod.oval:def:1902101
Directly POSTing to Special:ChangeEmail would allow for bypassing reauthentication, allowing for potential account takeover.

oval:org.secpod.oval:def:1902042
In Firejail before 0.9.60, seccomp filters are writable inside the jail, leading to a lack of intended seccomp restrictions for a process that is joined to the jail after a filter has been modified by an attacker.

oval:org.secpod.oval:def:704940
openjdk-lts: Open Source Java implementation - openjdk-8: Open Source Java implementation Several security issues were fixed in OpenJDK.

oval:org.secpod.oval:def:704941
postgresql-11: object-relational SQL database - postgresql-10: Object-relational SQL database - postgresql-9.5: Object-relational SQL database Several security issues were fixed in PostgreSQL.

oval:org.secpod.oval:def:1902099
An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function Splash::blitTransparent at splash/Splash.cc.

oval:org.secpod.oval:def:1902095
In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths.

oval:org.secpod.oval:def:1902102
Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function.

oval:org.secpod.oval:def:1902111
An issue was discovered in Poppler 0.74.0. There is a NULL pointer dereference in the function SplashClip::clipAALine at splash/SplashClip.cc.

oval:org.secpod.oval:def:1901909
When Eclipse Mosquitto version 1.0 to 1.5.5 is configured to use a password file for authentication, any malformed data in the password file will be treated as valid. This typically means that the malformed data becomes a username and no password. If this occurs, clients can circumvent authenticati ...

oval:org.secpod.oval:def:1901908
In Eclipse Mosquitto version 1.0 to 1.5.5 when a client publishes a retained message to a topic, then has its access to that topic revoked, the retained message will still be published to clients that subscribe to that topic in the future. In some applications this may result in clients being able ...

oval:org.secpod.oval:def:705010
dbus: simple interprocess messaging system DBus could allow unintended access to services.

oval:org.secpod.oval:def:1902028
Buildbot before 1.8.2 and 2.x before 2.3.1 accepts a user-submitted authorization token from OAuth and uses it to authenticate a user. If an attacker has a token allowing them to read the user details of a victim, they can login as the victim.

oval:org.secpod.oval:def:1902046
mis-handling of non-ASCII characters in guest comment fields

oval:org.secpod.oval:def:704951
libvirt: Libvirt virtualization toolkit Several issues were addressed in libvirt.

oval:org.secpod.oval:def:704959
intel-microcode: Processor microcode for Intel CPUs Details: USN-3977-1 provided mitigations for Microarchitectural Data Sampling vulnerabilities in Intel Microcode for a large number of Intel processor families. This update provides the corresponding updated microcode mitigations for Intel Cherry ...

oval:org.secpod.oval:def:704947
intel-microcode: Processor microcode for Intel CPUs The system could be made to expose sensitive information.

oval:org.secpod.oval:def:704948
qemu: Machine emulator and virtualizer Several issues were addressed in QEMU.

oval:org.secpod.oval:def:704943
linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 S ...

oval:org.secpod.oval:def:705011
neovim: heavily refactored vim fork Neovim could be made to run programs as your login if it opened a specially crafted file.

oval:org.secpod.oval:def:705012
vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim.

oval:org.secpod.oval:def:1902050
Modelines allow arbitrary code execution by opening a specially crafted text file

oval:org.secpod.oval:def:1901922
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.

oval:org.secpod.oval:def:705076
thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird.

oval:org.secpod.oval:def:1901911
Subversion"s mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation.

oval:org.secpod.oval:def:704976
gnutls28: GNU TLS library Several security issues were fixed in GnuTLS.

oval:org.secpod.oval:def:705057
libvirt: Libvirt virtualization toolkit Several security issues were fixed in libvirt.

oval:org.secpod.oval:def:1902055
Yubico libpam-u2f 1.0.7 attempts parsing of the configured authfile as root , and does not properly verify that the path lacks symlinks pointing to other files on the system owned by root. If the debug option is enabled in the PAM configuration, part of the file contents of a symlink target will be ...

oval:org.secpod.oval:def:705007
glib2.0: GLib library of C routines GLib could be made to expose sensitive information if it received a specially crafted file.

oval:org.secpod.oval:def:1902037
file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.

oval:org.secpod.oval:def:705086
mysql-5.7: MySQL database Several security issues were fixed in MySQL.

*CPE
cpe:/o:ubuntu:ubuntu_linux:19.04
XCCDF    2
xccdf_org.secpod_benchmark_general_Ubuntu_19_04
xccdf_org.secpod_benchmark_SecPod_Ubuntu_19.04

© SecPod Technologies