Find the information you need for your favorite open source distribution .
Cade Cairns of Securityfocus discovered a vulnerability in the sendmail program, the widely spread MTA used in Unix- and Unix-like systems.
Sdbsearch.cgi is Perl script which is part of the sdb package of SuSE Linux was found vulnerable by using untrustworthy client input (HTTP_REFERER)
Fetchmail is a tool for retrieving and forwarding mail. Two vulnerabilities in the code of fetchmail were found in the last weeks.
Cda, a setuid commandline part of xmcd, a X11/Motif audio CD player by Ti Kan , was found vulnerable by a link attack and some bufferoverflows.
Due to missing boundary checks in the xli code a buffer overflow could be triggered by an external attacker to execute commands on the victim's system. An exploit is publically available.
Ntping, a ping/traceroute program, is part of the Scotty package. It's failure is to read a hostname as commandline option without checking the size. This leads to a bufferoverrun, that could be used to gain root privileges
Zen-parse has reported a bug to Bugtraq which allows remote attackers to overflow a buffer in the logging routine of xinetd.
Michal Zalewski discovered that a remote attacker can write to files owned by root if the samba config file /etc/smb.conf contains the %m macro to specify the logfile for logging access to the samba server.
A format string vulnerability in versions of GnuPG before 1.0.6 has been found.
Multiple problems including a format string vulnerability and segmentation fault have been fixed.
Multiple security vulnerabilities have been found in all Linux kernels of version 2.2 before version 2.2.19. Most of the found errors allow a local attacker to gain root privileges.
The previous advisory contained incorrect pathnames and MD5 information.
During operation, the underlying SGML perlmodule creates temporary files in an insecure way.
As long as hfaxd(8c) is installed setuid root, it may be possible to gain root access locally.
When printing a whole text or selected parts of a text, nedit(1) creates a temporary file in an insecure manner. This behavior could be exploited to gain access to other users privileges, even root.
sudo(8) previous to version 1.6.3p6 is vulnerable by a buffer overflow in it's logging code, which could lead to local root compromise.
A tmp race condition and other vulnerabilities exist that may be used to gain unauthorized access to more privileges.
A local attacker could trick mc into executing commands with the privileges of the user running mc
An exploit published by Przemyslaw Frasunek demonstrates a buffer overflow in the control request parsing code of the ntpd.
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
