Gentoo Essential and Critical Security Patch Updates - Page 184
Find the information you need for your favorite open source distribution.
Mediaservice.net has discovered a bug in OpenSSH that allows attackers to identify valid users on vulnerable systems.
World-writable spool directory and buffer overflow in cnd-program have been fixed. It is recommended that all Gentoo Linux users who are running net-dialup/mgetty upgrade to mgetty-1.1.30.
A buffer overflow has been fixed in pptpd. It is recommended that all Gentoo Linux users who are running net-dialup/pptpd upgrade to pptpd-1.1.3.20030409.
A buffer overflow vulnerability exists in Monkey's handling of forms submitted with the POST request method. The unchecked buffer lies in the PostMethod() procedure.
The Snort stream4 preprocessor (spp_stream4) incorrectly calculates segment size parameters during stream reassembly for certain sequence number ranges which can lead to an integer overflow that can be expanded to a heap overflow.
KDE uses Ghostscript software for processing of PostScript (PS) and PDF files in a way that allows for the execution of arbitrary commands that can be contained in such files.
An attacker can prepare a malicious PostScript or PDF file which will provide the attacker with access to the victim's account and privileges.
There is a buffer overflow in the server response handler of SETI@home.
An anonymous user can gain remote root access due to a buffer overflow caused by a StrnCpy() into a char array (fname) using a non-constant length (namelen).
Remote exploitation of a memory leak in the Apache HTTP Server causes the daemon to overutilize system resources on an affected system.
The xdrmem_getbytes() function in the XDR library provided by Sun Microsystems contains an integer overflow.
There is a vulnerability in sendmail that can be exploited to cause a denial-of-service condition and could allow a remote attacker to execute arbitrary code with the privileges of the sendmail daemon, typically root.
A cryptographic weakness in version 4 of the Kerberos protocol allows an attacker to use a chosen-plaintext attack to impersonate any principal in a realm. OpenAFS kaserver implements version 4 of the Kerberos protocol, and therefore is vulnerable.
The function gzprintf() is similar in behaviour to fprintf() except that by default, this function will smash the stack if called with arguments that expand to more than Z_PRINTF_BUFSIZE (=4096 by default) bytes.
Various conditions may be presented that can permit an attacker to remotely exploit a service using this vulnerable routine in the XDR library.