Find the information you need for your favorite open source distribution .
Severl problems have been discovered in MySQL, a commonly used SQL database on Unix servers.
This security advisory corrects DSA 458-2 which caused a problem in the gethostbyaddr routine.
Chris Evans discovered several stack and integer overflows in the libXpm library which is included in LessTif.
A vulnerability has been discovered in samba, a commonly used LanManager-like file and printer server for Unix. A remote attacker may be able to gain access to files which exist outside of the share's defined path.
Stefan Nordhausen has identified a local security hole in net-acct, a user-mode IP accounting daemon. Old and redundant code from some time way back in the past created a temporary file in an insecure fashion.
Julian Reschke reported a problem in mod_dav of Apache 2 in connection with a NULL pointer dereference. When running in a threaded model, especially with Apache 2, a segmentation fault can take out a whole process and hence create a denial of service for the whole server.
Max Vozeler discovered a vulnerability in pppoe, the PPP over Ethernet driver from Roaring Penguin. When the program is running setuid root (which is not the case in a default Debian installation), an attacker could overwrite any file on the file system.
Michal Zalewski discovered a bug in the netkit-telnet server (telnetd) whereby a remote attacker could cause the telnetd process to free an invalid pointer.
A security problem has been discovered in getmail, a POP3 and APOP mail gatherer and forwarder. An attacker with a shell account on the victims host could utilise getmail to overwrite arbitrary files when it is running as root.
Hugo Espuny discovered a problem in sendmail, a commonly used program to deliver electronic mail. When installing "sasl-bin" to use sasl in connection with sendmail, the sendmail configuration script use fixed user/pass information to initialise the sasl database.
Marcus Meissner discovered a heap overflow error in imlib2, an imaging library for X and X11 and the successor of imlib, that may be utilised by an attacker to execute arbitrary code on the victims machine.
Przemyslaw Frasunek discovered a vulnerability in tnftpd or lukemftpd respectively, the enhanced ftp daemon from NetBSD. An attacker could utilise this to execute arbitrary code on the server.
iDEFENSE discovered a buffer overflow in the wv library, used toconvert and preview Microsoft Word documents.
Chris Evans discovered several problems in gdk-pixbuf, the GdkPixBuflibrary used in Gtk.
Marcus Meissner discovered a heap overflow error in imlib, an imaginglibrary for X and X11, that could be abused by an attacker to executearbitrary code on the vicims machine.
Marcus Meissner from SUSE has discovered several buffer overflows inthe ImageMagick graphics library.
Chris Evans discovered several problems in gdk-pixbuf, the GdkPixBuflibrary used in Gtk.
Alvaro Martinez Echevarria discovered a problem in CUPS, the CommonUNIX Printing System. An attacker can easily disable browsing in CUPSby sending a specially crafted UDP datagram to port 631 where cupsd isrunning.
Ludwig Nussel discovered a problem in webmin, a web-basedadministration toolkit. A temporary directory was used but withoutchecking for the previous owner. This could allow an attacker tocreate the directory and place dangerous symbolic links inside.
The MIT Kerberos Development Team has discovered a number ofvulnerabilities in the MIT Kerberos Version 5 software
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
