Ubuntu security

USN-4561-1: Rack vulnerabilities It was discovered that Rack incorrectly handled certain paths. An attacker could possibly use this issue to obtain sensitive information. (CVE-2020-8161) It was discovered that Rack incorrectly validated cookies. An attacker could possibly use this issue to forge a secure cookie. (CVE-2020-8184) Source: USN-4561-1: Rack vulnerabilities

USN-4560-1: Gon gem vulnerability It was discovered that Gon gem did not properly escape certain input. An attacker could use this vulnerability to execute a cross-site scripting (XSS) attack. Source: USN-4560-1: Gon gem vulnerability

USN-4559-1: Samba update Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. A remote attacker could use this issue to forge an authentication token and steal the credentials of the domain admin. While a previous security update fixed the issue by changing the “server schannel” setting to default to “yes”, instead of “auto”, which forced a secure netlogon channel, this update provides additional improvements. For compatibility reasons with older devices, Samba now allows specifying an insecure netlogon configuration per machine. See the following link for examples: https://www.samba.org/samba/security/CVE-2020-1472.html In addition, this update adds additional server checks for the protocol attack in the client-specified challenge to provide some protection when ‘server schannel = no/auto’ and avoid the false-positive results when running the proof-of-concept exploit. Source: USN-4559-1: Samba update

USN-4558-1: libapreq2 vulnerabilities It was discovered that libapreq2 did not properly sanitize the Content-Type field in certain, crafted HTTP requests. An attacker could use this vulnerability to cause libapreq2 to crash. Source: USN-4558-1: libapreq2 vulnerabilities

USN-4557-1: Tomcat vulnerabilities It was discovered that the Tomcat realm implementations incorrectly handled passwords when a username didn’t exist. A remote attacker could possibly use this issue to enumerate usernames. (CVE-2016-0762) Alvaro Munoz and Alexander Mirosh discovered that Tomcat incorrectly limited use of a certain utility method. A malicious application could possibly use this to bypass Security Manager restrictions. (CVE-2016-5018) It was discovered that Tomcat incorrectly controlled reading system properties. A malicious application could possibly use this to bypass Security Manager restrictions. (CVE-2016-6794) It was discovered that Tomcat incorrectly controlled certain configuration parameters. A malicious application could possibly use this to bypass Security Manager restrictions. (CVE-2016-6796) It was discovered that Tomcat incorrectly limited access to global JNDI resources. A malicious application could use this to access any global JNDI resource without an explicit ResourceLink. (CVE-2016-6797) Regis Leroy discovered that Tomcat [ more… ]