Gentoo Essential and Critical Security Patch Updates - Page 180
Find the information you need for your favorite open source distribution.
Quote from : "Stable CVS 1.11.11 has been released. Stable releases contain only bug fixes from previous versions of CVS. This release adds code to [More...]
Two buffer overflow problems have been found in lftp, a multithreaded command-line based FTP client. A specially created directory on a web server could be used to execute arbitrary code on the connecting machine. The user's machine has to connect to a malicious web server using HTTP or [More...]
There is a remotely exploitable bug in xchat 2.0.6 that could lead to a denial of service attack. This is caused by sending a malformed DCC packet to xchat 2.0.6, causing it to crash.
Two flaws have been found in GnuPG 1.2.3. First, ElGamal signing keys can be compromised. These keys are not commonly used. Quote from [More...]
Two flaws have been found in GnuPG 1.2.3 including a format string vulnerability and the compromise of ElGamal signing keys.
This release fixes a security issue with no known exploits that could cause previous versions of CVS to attempt to create files and directories in the filesystem root.
Quote from : Stable CVS 1.11.10 has been released. Stable releases contain only bug fixes from previous versions of CVS. This release fixes a [More...]
Lack of proper bounds checking exists in the do_brk() kernel function in Linux kernels prior to 2.4.23. This bug can be used to give a userland program or malicious service access to the full kernel address space and gain root privileges. This issue is known to be exploitable.
Rsync version 2.5.6 contains a vulnerability that can be used to run arbitrary code. The Gentoo infrastructure team has some reasonably good forensic evidence that this exploit may have been used in combination with the Linux kernel brk vulnerability (see GLSA 200312-02) to exploit a rsync.gentoo.org rotation server (see GLSA-200312-01.)
On December 2nd at approximately 03:45 UTC, one of the servers that makes up the rsync.gentoo.org rotation was compromised via a remote exploit. At this point, we are still performing forensic analysis. However, the compromised system had both an IDS and a file integrity checker installed and we have a [More...]
phpSysInfo contains two vulnerabilities which could allow local files to be read or arbitrary PHP code to be executed, under the privileges of the web server process.
There is a bug in the part of libnids code responsible for TCP reassembly. The flaw probably allows remote code execution.
A bug in the getgrouplist function can cause a buffer overflow if the size of the group list is too small to hold all the user's groups. This overflow can cause segmentation faults in user applications. This vulnerability exists only when an administrator has placed a user in a number of groups larger than that expected by an application.
It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire, or by convincing someone to read a malformed packet trace file.