all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Ubuntu Security Notice USN-6731-1

Add to bookmarks
April 15, 2024, 4:25 p.m. |

Packet Storm packetstormsecurity.com

Ubuntu Security Notice 6731-1 - It was discovered that YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files. This issue only affected Ubuntu 16.04 LTS. It was discovered that yard before 0.9.20 is affected by a path traversal vulnerability, allowing HTTP requests to access arbitrary files under certain conditions. This issue only affected Ubuntu 18.04 LTS.

arbitrary files attackers attacks block directory directory traversal files issue lts notice path path traversal path traversal vulnerability relative security security notice ubuntu ubuntu 16.04 usn vulnerability

Visit resource

More from packetstormsecurity.com / Packet Storm

Packet Storm New Exploits For April, 2024 7 hours ago | packetstormsecurity.com
april archive exploits packet +2
Ubuntu Security Notice USN-6760-1 7 hours ago | packetstormsecurity.com
attacker data denial of service file +11
Kernel Live Patch Security Notice LSN-0103-1 7 hours ago | packetstormsecurity.com
attacker con data expose +20
Microsoft PlayReady Cryptography Weakness 7 hours ago | packetstormsecurity.com
attack beyond cryptography extraction +15
Online Tours And Travels Management System 1.0 SQL Injection 7 hours ago | packetstormsecurity.com
injection management management system sql +6
Qantas App Glitch Sees Boarding Passes Fly To Other Accounts 8 hours ago | packetstormsecurity.com
accounts app data loss flaw +4
Adobe Adds Content Credentials And Firefly To Bug Bounty Program 8 hours ago | packetstormsecurity.com
adobe bounty bug bug bounty +5
Google Boosts Bug Bounty Payouts Tenfold In Mobile App Security Push 8 hours ago | packetstormsecurity.com
app bounty bug bug bounty +6
London Drugs Pharmacy Closes All Stores To Respond To Cyber Incident 8 hours ago | packetstormsecurity.com
britain cyber cyber incident data loss +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Azure DevSecOps Cloud Engineer II

@ Prudent Technology | McLean, VA, USA
View on infosec-jobs.com

Security Engineer III - Python, AWS

@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
View on infosec-jobs.com

SOC Analyst (Threat Hunter)

@ NCS | Singapore, Singapore
View on infosec-jobs.com

Managed Services Information Security Manager

@ NTT DATA | Sydney, Australia
View on infosec-jobs.com

Senior Security Engineer (Remote)

@ Mattermost | United Kingdom
View on infosec-jobs.com

Penetration Tester (Part Time & Remote)

@ TestPros | United States - Remote
View on infosec-jobs.com
View more jobs