Test ID:	1.3.6.1.4.1.25623.1.1.12.2020.4449.2
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-4449-2)
Summary:	The remote host is missing an update for the 'apport' package(s) announced via the USN-4449-2 advisory.
Description:	Summary: The remote host is missing an update for the 'apport' package(s) announced via the USN-4449-2 advisory. Vulnerability Insight: USN-4449-1 fixed several vulnerabilities in Apport. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Ryota Shiga working with Trend Micro's Zero Day Initiative, discovered that Apport incorrectly dropped privileges when making certain D-Bus calls. A local attacker could use this issue to read arbitrary files. (CVE-2020-11936) Seong-Joong Kim discovered that Apport incorrectly parsed configuration files. A local attacker could use this issue to cause Apport to crash, resulting in a denial of service. (CVE-2020-15701) Ryota Shiga working with Trend Micro's Zero Day Initiative, discovered that Apport incorrectly implemented certain checks. A local attacker could use this issue to escalate privileges and run arbitrary code. (CVE-2020-15702) Affected Software/OS: 'apport' package(s) on Ubuntu 14.04. Solution: Please install the updated package(s). CVSS Score: 4.4 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2020-11936 Common Vulnerability Exposure (CVE) ID: CVE-2020-15701 https://launchpad.net/bugs/1877023 https://usn.ubuntu.com/4449-1 https://usn.ubuntu.com/4449-1/ https://usn.ubuntu.com/4449-2/ Common Vulnerability Exposure (CVE) ID: CVE-2020-15702 https://www.zerodayinitiative.com/advisories/ZDI-20-979/
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.