Find the information you need for your favorite open source distribution .
This advisory contains information on the status of several outstanding potential security vulnerabilities present in SuSE Linux.
It may be possible for an attacker to modify his/her DNS record to execute abitrary machine code as root while connecting to the standard ftp daemon.
makewhatis from man package reported to not be vulnerable to /tmp race condition bug.
The implementation of the capability feature of the kernel 2.2.x < 2.2.16 is faulty.
The wu-ftp FTP server does not do proper bounds checking while processing the SITE EXEC command.
An adversary could set SHELL to his own program to get local root access to the system by writing directly to the raw HDD device.
An remote adversary could crash gdm or execute his own code, which leads to root compromise of the system running gdm.
A method to bypass ipchains masquerading exists and an update has been issued.
aaa_base is the basic package which comes with any SuSE Linux installation. Corrections to cron scripts and default directories have been made.
kreatecd is a KDE tool used to burn cd-roms. An exploitable buffer overflow was found in this tool.
Local users may gain access to group id 0 and hence may modify files owned and writable by the gid 0.
The package ircii is an irc client which is used to connect to irc servers and chat with other users. A buffer overflow in the dcc chat feature was found which is exploitable by remote users
A vulnerability in the SuSE Linux IMAP Server - which is unrelated to the SuSE Linux Distribution (which is unaffected) - was found which allows remote users to circumvented the imap authentication.
htsearch, a CGI program which is part of htdig, doesn't do proper checking on user input.
A bug in the authentication function of mysql allows anyone who knows a valid username to successfully authenticate as that users in no more than 32 tries.
SUSE advisory states ... " A malicous user could execute commands with the privileges of the user executing make. This security hole could lead to local root compromise if root passes Makefiles to make through stdin."
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
