Category Archives: Advisories

USN-5454-1: CUPS vulnerabilities

Read Time:29 Second

Joshua Mason discovered that CUPS incorrectly handled the secret key used
to access the administrative web interface. A remote attacker could
possibly use this issue to open a session as an administrator and execute
arbitrary code. (CVE-2022-26691)

It was discovered that CUPS incorrectly handled certain memory operations
when handling IPP printing. A remote attacker could possibly use this issue
to cause CUPS to crash, leading to a denial of service, or obtain sensitive
information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04
LTS. (CVE-2019-8842, CVE-2020-10001)

Read More

CVE-2021-3555

Read Time:12 Second

A Buffer Overflow vulnerability in the RSTP server component of Eufy Indoor 2K Indoor Camera allows a local attacker to achieve remote code execution.
This issue affects:
Eufy Indoor 2K Indoor Camera
2.0.9.3 version and prior versions.

Read More

USN-5446-2: dpkg vulnerability

Read Time:22 Second

USN-5446-1 fixed a vulnerability in dpkg. This update provides
the corresponding update for Ubuntu 16.04 ESM.

Original advisory details:

Max Justicz discovered that dpkg incorrectly handled unpacking certain
source packages. If a user or an automated system were tricked into
unpacking a specially crafted source package, a remote attacker could
modify files outside the target unpack directory, leading to a denial of
service or potentially gaining access to the system.

Read More