Red Hat Essential and Critical Security Patch Updates
Find the information you need for your favorite open source distribution.
Multiple Ethernet Network Interface Card (NIC) device drivers do not pad short frames with null bytes; the padding is taken from stale buffer contents instead, which allows remote attackers to obtain data from previous packets or kernel memory by sending malformed packets and reading the padding of the resulting undersized frames.
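The leak is visible on the wire: an IPv4 datagram smaller than the 46-byte Ethernet payload minimum must be padded to a 60-byte frame (without the FCS), and every byte beyond the IPv4 total length should be zero. The following is an added detector written for this page, not code from the advisory or from any kernel driver; the two 60-byte frames are constructed inline (ICMP echo requests between the made-up addresses 10.0.0.1 and 10.0.0.2), with the "leaky" one carrying a fragment of an earlier HTTP request in its padding.

```python
import struct

ETH_HDR_LEN = 14          # dst MAC, src MAC, EtherType
ETH_MIN_FRAME = 60        # minimum frame length without the 4-byte FCS
ETHERTYPE_IPV4 = 0x0800


def pad_bytes(frame: bytes) -> bytes:
    """Return the driver-supplied padding that follows the IPv4 datagram.

    The IPv4 total-length field says how long the datagram really is, so
    anything after it inside the frame was added by the sending driver and
    must be all zero.
    """
    if len(frame) < ETH_HDR_LEN + 20:
        raise ValueError("frame too short for Ethernet + IPv4 headers")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 frame")
    ip_total_len = struct.unpack("!H", frame[ETH_HDR_LEN + 2:ETH_HDR_LEN + 4])[0]
    return frame[ETH_HDR_LEN + ip_total_len:]


def leaks_memory(frame: bytes) -> bool:
    """True if any padding byte is non-zero, i.e. the driver leaked buffer contents."""
    return any(pad_bytes(frame))


def build_frame(pad: bytes) -> bytes:
    """Constructed sample: Ethernet + 20-byte IPv4 header + 8-byte ICMP echo request.

    That is 42 bytes, so 18 bytes of padding are needed to reach the 60-byte minimum.
    """
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + b"\x08\x00"
    ip = struct.pack(
        "!BBHHHBBH4s4s",
        0x45, 0, 28,            # version/IHL, TOS, total length = 20 + 8
        0x1234, 0,              # identification, flags/fragment offset
        64, 1, 0,               # TTL, protocol = ICMP, checksum (ignored here)
        bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]),
    )
    icmp = struct.pack("!BBHHH", 8, 0, 0, 1, 1)   # echo request, no data
    return eth + ip + icmp + pad


# Constructed inputs: a correctly zero-padded frame and one whose padding is
# stale buffer memory (the start of a previous HTTP request).
CLEAN_FRAME = build_frame(b"\x00" * 18)
LEAKY_FRAME = build_frame(b"GET /index.html HT")


def leaking_frames(frames):
    """Indices of the frames in a capture that carry non-zero padding."""
    return [i for i, f in enumerate(frames) if leaks_memory(f)]


if __name__ == "__main__":
    for name, frame in (("clean", CLEAN_FRAME), ("leaky", LEAKY_FRAME)):
        print(name, len(frame), "bytes, padding:", pad_bytes(frame), "leak:", leaks_memory(frame))
```

Run against real traffic, feed `leaking_frames` the raw frames of short replies (ICMP echo or ARP responses elicited by probes) from a pcap; a host whose replies repeatedly show non-zero padding is running an affected driver, and the padding bytes themselves are what the attacker collects.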
A security problem has been found in the Kerberos FTP client.
Zack Weinberg discovered that os._execvpe from os.py in Python versions up to and including 2.2.1 creates temporary files with predictable names.
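Why a predictable temporary file name matters: a local attacker who can guess the name plants a symlink there first, and a plain `open(path, "w")` then follows the link and overwrites whatever the link points at. The example below is added for this page and is not the Python project's own code; it uses a hypothetical `pyexec.<pid>` naming scheme (an assumption, chosen only to be guessable) inside a private sandbox directory rather than /tmp, and contrasts it with `O_EXCL` creation and `tempfile.mkstemp`.

```python
import os
import tempfile


def predictable_tmpfile(tmpdir: str, data: str) -> str:
    # INSECURE: the name depends only on the pid, so a local attacker can
    # compute it in advance. open(..., "w") happily follows a symlink planted
    # at that path and truncates the target file.
    path = os.path.join(tmpdir, "pyexec.%d" % os.getpid())   # assumed naming scheme
    with open(path, "w") as fh:
        fh.write(data)
    return path


def exclusive_create(path: str) -> int:
    # O_CREAT|O_EXCL refuses to open if anything already exists at the path,
    # including a symlink, so a pre-planted link makes the call fail instead
    # of redirecting the write. Mode 0600 keeps other users out of the file.
    return os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)


def safe_tmpfile(tmpdir: str, data: str) -> str:
    # mkstemp combines an unguessable random name with O_CREAT|O_EXCL and
    # returns the already-open descriptor, so there is no window between
    # "pick a name" and "open it" for an attacker to race.
    fd, path = tempfile.mkstemp(prefix="pyexec.", dir=tmpdir)
    with os.fdopen(fd, "w") as fh:
        fh.write(data)
    return path


def demo() -> dict:
    """Run the symlink attack against both variants inside a throwaway directory."""
    results = {}
    with tempfile.TemporaryDirectory() as sandbox:
        # Constructed victim file the attacker wants to clobber.
        victim = os.path.join(sandbox, "victim.txt")
        with open(victim, "w") as fh:
            fh.write("original\n")

        # Attacker guesses the temporary file name and plants a symlink first.
        guessed = os.path.join(sandbox, "pyexec.%d" % os.getpid())
        os.symlink(victim, guessed)

        # The insecure routine follows the link and overwrites the victim.
        predictable_tmpfile(sandbox, "attacker-controlled\n")
        with open(victim) as fh:
            results["victim_after_insecure"] = fh.read()

        # Exclusive creation at the same guessed name is refused outright.
        try:
            fd = exclusive_create(guessed)
            os.close(fd)
            results["exclusive_open_refused"] = False
        except FileExistsError:
            results["exclusive_open_refused"] = True

        # mkstemp never lands on the planted name and never follows a link.
        safe_path = safe_tmpfile(sandbox, "payload\n")
        results["safe_name_unguessable"] = (
            safe_path != guessed and not os.path.islink(safe_path)
        )
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "=", repr(value))
```

The same pattern applies to any privileged program that writes into a world-writable directory: derive names from a secure random source, create with `O_EXCL`, and operate on the returned descriptor rather than re-opening the path by name.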
On servers which are configured to allow anonymous read-only access, this bug could be used by anonymous users to gain write privileges.
Georgi Guninski found that these comments can be carefully crafted in order to call external programs. This could allow an attacker to create a text file such that arbitrary commands are executed when it is opened.
Several potential stack overflow vulnerabilities affect the ISC DHCPD server.
Updated MySQL packages are available for Red Hat Linux 7, 7.1, 7.2, 7.3, and 8.0 which fix security vulnerabilities found in the MySQL server.
PostgreSQL versions 7.2.1 and 7.2.2 contain a serious issue with the VACUUM command when it is run by a non-superuser.
A number of vulnerabilities have been discovered in CUPS, the Common Unix Printing System.
Unpatched versions of libpng <=1.2.1 do not correctly calculate offsets, which leads to a buffer overflow and the possibility of arbitrary code execution.
Updated Ethereal packages are available which fix various security issues.
Insufficient buffer length checking in user name canonicalization could allow a remote user to execute arbitrary code on the system, although this issue would be hard to exploit.
Pine did not allocate enough memory for the parsing and escaping of the "From" header, allowing a carefully crafted email to cause a buffer overflow on the heap.
The Net-SNMP packages shipped with Red Hat Linux 8.0 contain several bugs including a remote denial of service vulnerability.
This bug allows a remote attacker to crash Fetchmail and potentially execute arbitrary code by sending a carefully crafted email which is then parsed by Fetchmail.
Updated apache and httpd packages which fix a number of security issues are now available for Red Hat Linux 6.2, 7, 7.1, 7.2, 7.3, and 8.0.
The wget packages shipped with Red Hat Linux 6.2 through 8.0 contain a security bug which, under certain circumstances, can cause local files to be written outside the download directory.
The Canna server has two security vulnerabilities, including an exploitable buffer overrun that allows a local user to gain 'bin' user privileges.
A number of vulnerabilities have been found that affect various versions of KDE.
A buffer overflow in Webalizer versions prior to 2.01-10, when configured to use reverse DNS lookups, may allow remote attackers to execute arbitrary code by connecting to the monitored Web server from an IP address that resolves to a long hostname.