Debian Essential And Critical Security Patch Updates - Page 287
Find the information you need for your favorite open source distribution.
A security vulnerability exists in Apache Tomcat 4.0.x releases, which allows a specially crafted URL to return the unprocessed source of a JSP page without the need for being properly authenticated.
Several vulnerabilities have been discovered in canna, a Japanese input system.
There is an integer overflow in the pdftops filter from the xpdf package that can be exploited to gain the privileges of the target user.
A security issue has been discovered in geneweb, a genealogical software with web interface.
A specially crafted HTML mail message can introduce foreign scripting content in archives, by-passing MHonArc's HTML script filtering.
A cross site scripting vulnerability has been discovered in squirrelmail.
A malicious administrator of the regular or an untrusted DHCP server may execute any command with root privileges on the DHCP client machine by sending the command enclosed in shell metacharacters in one of the options provided by the DHCP server.
A cross site scripting vulnerability has been reported for Bugzilla. Bugzilla does not properly sanitize any input submitted by users.
By overflowing a buffer, a local attacker could execute arbitrary commands under the group id games.
There is a buffer overflow in fetchmail, an SSL enabled POP3, APOP and IMAP mail gatherer/forwarder.
There is a buffer overflow in the Cyrus IMAP server, which could be exploited by a remote attacker prior to logging in.
The lisa daemon contains a buffer overflow vulnerability which potentially enables any local user, as well as any remote attacker on the LAN who is able to gain control of the LISa port (7741 by default), to obtain root privileges.
There is a problem in connection with 16-bit samples from libpng, an interface for reading and writing PNG format files.
Receiving certain ICQ message types that do not contain the required 0xFE separator causes all versions to crash.
lynx (a text-only web browser) did not properly check for illegal characters in all places, including processing of command line options, which could be used to insert extra HTTP headers in a request.
Two buffer overflow vulnerabilities have been found in the wget package.
A security hole has been discovered in Safe.pm which is used in all versions of Perl.
xdvi and dvips call the system() function insecurely, which allows a remote attacker to execute arbitrary commands via cleverly crafted DVI files.
The BGP decoding routines for tcpdump used incorrect bounds checking when copying data. This could be abused by introducing malicious traffic on a sniffed network for a denial of service attack against tcpdump, or possibly even remote code execution.