Debian Essential And Critical Security Patch Updates - Page 288
Find the information you need for your favorite open source distribution.
There are several buffer overflows in the gtetrinet package as shipped in Debian GNU/Linux 3.0, which could be abused by a malicious server.
Tatsuya Kinoshita discovered that IM, which contains interface commands and Perl libraries for E-mail and NetNews, creates temporary files insecurely.
The security update from DSA 192-1 contained a syntax error which is now fixed.
There is a vulnerability in the support for various network protocols via the KIO. The implementation of the rlogin and protocol allows a carefully crafted URL in an HTML page, HTML email or other KIO-enabled application to execute arbitrary commands on the system using the victim's account on the vulnerable machine.
There is a security problem in smb2www. This could lead a remote attacker to execute arbitrary programs under the user id www-data on the host where smb2www is running.
Tatsuya Kinoshita discovered that IM, which contains interface commands and Perl libraries for E-mail and NetNews, creates temporary files insecurely.
FreeS/WAN in Debian does not properly handle certain very short packets and is said to cause a kernel panic.
There was a bug in the length checking for encrypted password change requests from clients.
There is a cross site scripting vulnerability in mhonarc, a mail to HTML converter.
When a mail is to be delivered locally to a user that doesn't exist, nullmailer tries to deliver it, discovers a user unknown error and stops delivering. Unfortunately, it stops delivering entirely, not only this mail.
A problem in the Courier sqwebmail package, a CGI program to grant authenticated access to local mailboxes, has been discovered.
The security research company ISS (Internet Security Services) has discovered several vulnerabilities in the BIND8 name server, including a remotely exploitable buffer overflow.
These vulnerabilities could allow an attacker to enact a denial of service against a server or execute a cross site scripting attack, or steal cookies from other web site users.
A set of buffer overflows has been discovered in masqmail, a mail transport agent for hosts without a permanent internet connection.
It is possible for a local attacker to exploit a buffer overflow condition in resLISa, a restricted version of KLISa.
There is a vulnerability in html2ps that opens files based on unsanitized input insecurely.
Several cross site scripting vulnerabilities have been found in squirrelmail.
There is a problem in the image handling code used in Window Maker.
There is a vulnerability in LuxMan. When successfully exploited, it gives a local attacker read-write access to the memory, leading to a local root compromise in many ways, examples of which include scanning the file for fragments of the master password file and modifying kernel memory to re-map system calls.
There are vulnerabilities that could allow an attacker to enact a denial of service against a server or execute a cross site scripting attack, or steal cookies from other web site users. Vulnerabilities in the included legacy programs htdigest, htpasswd and ApacheBench can be exploited when called via CGI.