Find the information you need for your favorite open source distribution .
It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire, or by convincing someone to read a malformed packet trace file.
phpSysInfo contains two vulnerabilities which could allow local files to be read or arbitrary PHP code to be executed, under the privileges of the web server process. [More...]
A bug in the getgrouplist function can cause a buffer overflow if the size of the group list is too small to hold all the user's groups. This overflow can cause segmentation faults in user applications. This vulnerability exists [More...]
There is a bug in the part of libnids code responsible for TCP reassembly. The flaw probably allows remote code execution. [More...]
Quote from : Potential security issues have been discovered in the following protocol [More...]
A buffer overflow could occur in mod_alias and mod_rewrite when a regular expression with more than 9 captures is configured.
Due to an error in the SSL/TLS protocol handling, a server will parsea client certificate when one is not specifically requested.
mpg123 contains a heap based buffer overflow that would allow an remoteattacker to execute arbitrary code on the victims machine.
teapop suffers from a sql injection in the postgresql and mysql authentication module.
ISS X-Force discovered a vulnerability that could be triggered when a specially crafted file is uploaded to a proftpd server.
A remotely exploitable buffer overflow vulnerability was found in MPlayer. A malicious host can craft a harmful ASX header, and trick MPlayer into executing arbitrary code upon parsing that header.
Portable OpenSSH versions 3.7p1 and 3.7.1p1 contain multiplevulnerabilities in the new PAM code. At least one of these bugsis remotely exploitable (under a non-standard configuration,with privsep disabled).
Fix a buffer overflow in address parsing. Fix a potential buffer overflow in ruleset parsing. This problemis not exploitable in the default sendmail configuration.
ll versions of OpenSSH's sshd prior to 3.7 contain a buffer managementerror. It is uncertain whether this error is potentially exploitable,however, we prefer to see bugs fixed proactively.
There's a heap overflow in all versions of exim3 and exim4 priorto version 4.21. It can be exercised by anyone who can make anSMTP connection to the exim daemon.
Anyone with global administrative privileges on a MySQL server may execute arbitrary code even on a host he isn't supposed to have a shell on, with the privileges of the system account running the MySQL server.
atari800 contains a buffer overflow which could be used by an attackerto gain root privileges.
Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1through 1.3.4 allows remote attackers to insert arbitrary web script viathe searchstring parameter.
Previous eroaster versions allowwed local users to overwrite arbitraryfiles via a symlink attack on a temporary file that is used as a lockfile.
Mindi creates files in /tmp which could allow local user to overwritearbitrary files.
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
