Debian Essential And Critical Security Patch Updates - Page 295
Find the information you need for your favorite open source distribution.
In former versions of ht://Dig it was possible to pass the parameter `-c' to the CGI program in order to use a different configuration file.
zen-parse has found a problem with Taylor UUCP as distributed with many GNU/Linux distributions.
Pavel Machek has found a buffer overflow in the `most' pager program.
The telnet daemon contained in the netkit-telnet-ssl_0.16.3-1 package in the 'stable' (potato) distribution of Debian GNU/Linux is vulnerable to an exploitable overflow in its output handling.
The code that handles titles in the window list menu did not check the length of the title when copying it to a buffer.
The Horde team released version 2.2.6 of IMP (a web based IMAP mail program) which fixes three security problems. Their release announcement describes them as follows:
The pic command was vulnerable to a printf format attack which made it possible to circumvent the -S option and execute arbitrary code.
Salvatore Sanfilippo found two remotely exploitable problems in fetchmail while doing a security audit. In both the imap and pop3 code the input is not verified and used to store a number in an array.
The telnet daemon contained in the netkit-telnet_0.16-4potato1 package in the 'stable' (potato) distribution of Debian GNU/Linux is vulnerable to an exploitable overflow in its output handling.
The version of xloadimage (a graphics files viewer for X) that was shipped in Debian GNU/Linux 2.2 has a buffer overflow in the code that handles FACES format images.
slapd does not handle packets with an invalid BER length of length fields and will crash if it receives them.
A custom crafted request to the Apache server, consisting of a long path name created artificially by using numerous slashes, can cause these modules to misbehave, making it possible to escape the error page and gain a listing of the directory contents.
Buffer overflow and format string attack vulnerabilities exist in previous versions of cfingerd.
Under certain circumstances, Samba can be tricked into appending data of an attacker's choosing to all files on the filesystem which Samba can write to.
Wolfram Kleff found a problem in fetchmail: it would crash when processing emails with extremely long headers. The problem was a buffer overflow in the header parser which could be exploited.
Since rxvt is installed sgid utmp, an attacker could use this to gain utmp, which would allow him to modify the utmp file.
A printf format string attack and "web of trust" pollution vulnerabilities have been fixed.
A buffer overflow condition and insecure umask mode vulnerabilities have been fixed.