Find the information you need for your favorite open source distribution .
Quote from : Potential security issues have been discovered in the following protocol [More...]
A buffer overflow could occur in mod_alias and mod_rewrite when a regular expression with more than 9 captures is configured.
Due to an error in the SSL/TLS protocol handling, a server will parsea client certificate when one is not specifically requested.
mpg123 contains a heap based buffer overflow that would allow an remoteattacker to execute arbitrary code on the victims machine.
teapop suffers from a sql injection in the postgresql and mysql authentication module.
ISS X-Force discovered a vulnerability that could be triggered when a specially crafted file is uploaded to a proftpd server.
A remotely exploitable buffer overflow vulnerability was found in MPlayer. A malicious host can craft a harmful ASX header, and trick MPlayer into executing arbitrary code upon parsing that header.
Portable OpenSSH versions 3.7p1 and 3.7.1p1 contain multiplevulnerabilities in the new PAM code. At least one of these bugsis remotely exploitable (under a non-standard configuration,with privsep disabled).
Fix a buffer overflow in address parsing. Fix a potential buffer overflow in ruleset parsing. This problemis not exploitable in the default sendmail configuration.
ll versions of OpenSSH's sshd prior to 3.7 contain a buffer managementerror. It is uncertain whether this error is potentially exploitable,however, we prefer to see bugs fixed proactively.
There's a heap overflow in all versions of exim3 and exim4 priorto version 4.21. It can be exercised by anyone who can make anSMTP connection to the exim daemon.
Anyone with global administrative privileges on a MySQL server may execute arbitrary code even on a host he isn't supposed to have a shell on, with the privileges of the system account running the MySQL server.
atari800 contains a buffer overflow which could be used by an attackerto gain root privileges.
Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1through 1.3.4 allows remote attackers to insert arbitrary web script viathe searchstring parameter.
Previous eroaster versions allowwed local users to overwrite arbitraryfiles via a symlink attack on a temporary file that is used as a lockfile.
Mindi creates files in /tmp which could allow local user to overwritearbitrary files.
phpwebsite contains an sql injection vulnerability in the calendarmodule which allows the attacker to execute sql queries.
An attacker could send an email to the victim who ago use of HORDE MTAin order to push it to visit a website. The website in issue log all theaccesses and describe in the particular the origin of every victim.
If a long password is supplied, this can cause a buffer overflow whichcould be exploited to execute arbitrary code with the privileges of theprocess which invokes PAM services.
The previous GLSA 200308-03 was wrong when it stated thatvmware-workstation-4.0.1-5289 would fix the problems described in theadvisory.
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
