Alerts This Week
Warning Icon 1 619
Alerts This Week
Warning Icon 1 619

SuSE Essential and Critical Security Patch Updates - Page 1139

Find the information you need for your favorite open source distribution .


Warning: Undefined property: stdClass::$helix_ultimate_image in /var/www/www.linuxsecurity.com-443/html/templates/newsberg/html/com_content/category/blog_item.php on line 54

Warning: Undefined property: stdClass::$helix_ultimate_image in /var/www/www.linuxsecurity.com-443/html/templates/newsberg/html/com_content/category/blog_item.php on line 55
Suse Large Esm H267

RHEL: apache-2.4.46 High Advisory: Vulnerability In Authentication System

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

When lynx calls external programs for protocols (e.g. telnet), the location is passed unchecked. This can be used to activate commandline parameters. For example, this reference [A HREF="telnet://-n.rhosts"]click me[/A] would activate the tracefile options on the telnet client, with the result, that a .rhosts in the current directory would created or overwritten.


Warning: Undefined property: stdClass::$helix_ultimate_image in /var/www/www.linuxsecurity.com-443/html/templates/newsberg/html/com_content/category/blog_item.php on line 54

Warning: Undefined property: stdClass::$helix_ultimate_image in /var/www/www.linuxsecurity.com-443/html/templates/newsberg/html/com_content/category/blog_item.php on line 55
Suse Large Esm H267

SuSE: Security Advisory for Pine IMAP Package Fix: Critical Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

On June the 28th SuSE released a new pine package, which fixes a security bug. Unfortunately the patch brokes IMAP support for pine. Now there is a new package available which works correctly.


Warning: Undefined property: stdClass::$helix_ultimate_image in /var/www/www.linuxsecurity.com-443/html/templates/newsberg/html/com_content/category/blog_item.php on line 54

Warning: Undefined property: stdClass::$helix_ultimate_image in /var/www/www.linuxsecurity.com-443/html/templates/newsberg/html/com_content/category/blog_item.php on line 55
Suse Large Esm H267

SuSE: cron-3.0.1-75 Critical: Local Root Compromise and DoS Attack

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Three security threats were found in the vixie crond, which is shipped with SuSE Linux. 1) no boundchecking on a local buffer, while copying data from MAILTO 2) passing invalid options to sendmail 3) it doesn't drop root privileges while sending acknowledge mail to a user


Warning: Undefined property: stdClass::$helix_ultimate_image in /var/www/www.linuxsecurity.com-443/html/templates/newsberg/html/com_content/category/blog_item.php on line 54

Warning: Undefined property: stdClass::$helix_ultimate_image in /var/www/www.linuxsecurity.com-443/html/templates/newsberg/html/com_content/category/blog_item.php on line 55
Suse Large Esm H267

SuSE: Urgent Advisory on Rsync Vulnerability Affecting Permissions

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The security breach occurs when you try to transfer an empty directory into a non-existent directory. In that case rsync sets the permissions of the working directory to those of the empty directory; this means, that the permissions of your home directory are changed to the file access mode of the empty directory if you do a remote rsync by using ssh/rsh.


Warning: Undefined property: stdClass::$helix_ultimate_image in /var/www/www.linuxsecurity.com-443/html/templates/newsberg/html/com_content/category/blog_item.php on line 54

Warning: Undefined property: stdClass::$helix_ultimate_image in /var/www/www.linuxsecurity.com-443/html/templates/newsberg/html/com_content/category/blog_item.php on line 55
Suse Large Esm H267

Fedora: Essential Patch Needed for xinetd Remote Exploit Vulnerability

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The way in.identd is started by inetd from a standard /etc/inetd.conf on a SuSE Linux distribution may be exploited to mount a Denial-of-Service attack against the system. When inetd starts in.identd with the "wait" flag and the "-w -t120" options, the in.identd will start to listen on the well known port while inetd deactivates its own listener for the time in.identd is alive.

Your message here