Find the information you need for your favorite open source distribution .
Sebastian Krahmer found a problem in the modprobe utility that could beexploited by local users to run arbitrary commands as root if themachine is running a kernel with kmod enabled.
Mandrake has recently released a security advisory against CUPSraising two issues
The version of Vixie Cron shipped with Debian GNU/Linux 2.2 is vulnerable toa local attack, discovered by Michal Zalewski.
The version of BIND shipped with Debian GNU/Linux 2.2 is vulnerable toa remote denial of service attack
Proton reported on bugtraq that tcsh did not handle in-here documentscorrectly. The version of tcsh that is distributed with Debian GNU/Linux2.2r0 also suffered from this problem.
The version of gnupg that was distributed in Debian GNU/Linux 2.2 hada logic error in the code that checks for valid signatures which couldcause false positive results:
The version of nis as distributed in Debian GNU/Linux 2.1 and 2.2 contains an ypbind package with a security problem.
In versions of the PHP 4 packages before version 4.0.3, several format string bugs could allow properly crafted requests to execute code.
In versions of the PHP 3 packages before version 3.0.17, several formatstring bugs could allow properly crafted requests to execute code as theuser running PHP scripts on the web server, particularly if error loggingwas enabled.
The version of curl as distributed with Debian GNU/Linux 2.2 had a bug in the error logging code.
In versions of boa before 0.94.8.3, it is possible to access files outside of the server's document root by the use of properly constructed URL requests.
Debian is phasing out support for Debian 2.1 (slink) and are looking for feedback.
libpam-smb contains a buffer overflow that can be used to execute arbitrary commands with root privilege.
Several vulnerabilities exist with xpdf that could allow the creation of unsafe termporary files and the running of arbitrary shell commands.
A vulnerability exists that could allow a user to run arbitrary commands on the server.
Recently two problems have been found in the glibc suite, which could beused to trick setuid applications to run arbitrary code.
A format string bug was recently discovered in screen which can be used to gain elevated privilages if screen is setuid.
Recently two problems have been found in the glibc suite, which could beused to trick setuid applications to run arbitrary code.
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
