Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.99%
  • Veröffentlicht 07.07.2011 21:55:02
  • Zuletzt bearbeitet 16.06.2026 23:30:53

The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSS...

  • EPSS 8.48%
  • Veröffentlicht 06.06.2011 19:55:01
  • Zuletzt bearbeitet 16.06.2026 23:29:57

The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as e...

  • EPSS 6.74%
  • Veröffentlicht 06.06.2011 19:55:01
  • Zuletzt bearbeitet 16.06.2026 23:30:01

The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memor...

  • EPSS 2.17%
  • Veröffentlicht 02.06.2011 19:55:03
  • Zuletzt bearbeitet 16.06.2026 23:27:58

Eucalyptus before 2.0.3 and Eucalyptus EE before 2.0.2, as used in Ubuntu Enterprise Cloud (UEC) and other products, do not properly interpret signed elements in SOAP requests, which allows man-in-the-middle attackers to execute arbitrary commands by...

Exploit
  • EPSS 0.57%
  • Veröffentlicht 03.05.2011 20:55:08
  • Zuletzt bearbeitet 16.06.2026 23:29:41

Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel before 2.6.38.4 allow local users to cause a denial of service (system crash) via a crafted (1) getdents or (2) readdir system call.

Exploit
  • EPSS 0.52%
  • Veröffentlicht 10.04.2011 02:51:19
  • Zuletzt bearbeitet 16.06.2026 23:27:26

The ocfs2_prepare_page_for_write function in fs/ocfs2/aops.c in the Oracle Cluster File System 2 (OCFS2) subsystem in the Linux kernel before 2.6.39-rc1 does not properly handle holes that cross page boundaries, which allows local users to obtain pot...

  • EPSS 84.29%
  • Veröffentlicht 08.04.2011 15:17:27
  • Zuletzt bearbeitet 16.06.2026 23:28:25

dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstra...

  • EPSS 4.06%
  • Veröffentlicht 25.03.2011 19:55:01
  • Zuletzt bearbeitet 16.06.2026 23:29:16

The default configuration of the shell_escape_commands directive in conf/texmf.d/95NonPath.cnf in the tex-common package before 2.08.1 in Debian GNU/Linux squeeze, Ubuntu 10.10 and 10.04 LTS, and possibly other operating systems lists certain program...

Exploit
  • EPSS 1.19%
  • Veröffentlicht 15.03.2011 17:55:04
  • Zuletzt bearbeitet 16.06.2026 23:27:53

Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers a...

Exploit
  • EPSS 73.95%
  • Veröffentlicht 02.03.2011 20:00:01
  • Zuletzt bearbeitet 16.06.2026 23:28:01

The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions...