Gentoo Essential and Critical Security Patch Updates - Page 182
Find the information you need for your favorite open source distribution.
By manipulating the VMware GSX Server and VMware Workstation environment variables, a program such as a shell session with root privileges could be started when a virtual machine is launched.
The (1) semi MIME library 1.14.5 and earlier, and (2) wemi 1.14.0 and possibly other versions, allow local users to overwrite arbitrary files via a symlink attack on temporary files.
gpg needs to be setuid to make use of protected memory space; however, the setgid bit allowed a gpg user to overwrite group root writable files and is therefore unnecessary.
A local or remote attacker who is able to send an RPC request to a vulnerable mountd daemon could execute arbitrary code or cause a denial of service.
Attackers can use carefully crafted PNG pictures to execute arbitrary commands using a buffer overflow when viewed in gtksee.
Cistron RADIUS daemon (radiusd-cistron) 1.6.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large value in an NAS-Port attribute, which is interpreted as a negative number and causes a buffer overflow.
ypserv NIS server before 2.7 allows remote attackers to cause a denial of service via a TCP client request that does not respond to the server, which causes ypserv to block.
By inserting invalid characters between ".." attackers can overwrite arbitrary files.
Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename.
Bas Wijnen discovered that the gnocatan server is vulnerable to several buffer overflows which could be exploited to execute arbitrary code on the server system.
SQL injection vulnerability in viewtopic.php for phpBB 2.0.5 and earlier allows remote attackers to steal password hashes via the topic_id parameter.
Multiple vulnerabilities in noweb 2.9 and earlier cause temporary files to be created insecurely, which allows local users to overwrite arbitrary files via multiple vectors including the noroff script.
tcptraceroute 1.4 and earlier does not fully drop privileges after obtaining a file descriptor for capturing packets, which may allow local users to gain access to the descriptor via a separate vulnerability in tcptraceroute.
It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire, or by convincing someone to read a malformed packet trace file.
Valid PDF files can contain malicious external-type hyperlinks that can execute arbitrary shell commands under Unix with various PDF viewers/readers.
A SQL injection vulnerability exists in ProFTPD servers that use the mod_sql module to authenticate against a PostgreSQL database server. This vulnerability may allow a remote user to log in without a user name and password.
CUPS allows remote attackers to cause a denial of service via a partial printing request to the IPP port (631), which does not time out.
Buffer overflow in kon2 allows local users to execute arbitrary code via a long -Coding command line argument.