Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories


Gentoo GLSA-201406-23: DenyHosts Normal Severity Denial of Service

A vulnerability in DenyHosts could allow a remote attacker to create a Denial of Service condition.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201406-23
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: DenyHosts: Denial of Service
     Date: June 25, 2014
     Bugs: #495130
       ID: 201406-23

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability in DenyHosts could allow a remote attacker to create a
Denial of Service condition.

Background
==========

DenyHosts is a script intended to be run by Linux system administrators
to help thwart SSH server attacks.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  app-admin/denyhosts        < 2.6-r9                     >= 2.6-r9

Description
===========

DenyHosts does not properly define the regular expressions used when
parsing SSH authentication logs.

Impact
======

A remote attacker could possibly cause a Denial of Service condition
via a crafted login name.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All DenyHosts users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-admin/denyhosts-2.6-r9"

References
==========

[ 1 ] CVE-2013-6890
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6890

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 https://security.gentoo.org/glsa/201406-23

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
[email address redacted] or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

LinuxSecurity.com Team

Jun 26, 2014 Gentoo

Debian DSA-2826-2 Critical: Denyhosts Regression Fix for Break-Ins

A regression has been found on the denyhosts packages fixing CVE-2013-6890. This regression could cause an attempted breakin attempt to be missed by denyhosts, which would then fail to enforce a ban.

-------------------------------------------------------------------------
Debian Security Advisory DSA-2826-2              [email address redacted]
http://www.debian.org/security/                         Yves-Alexis Perez
January 23, 2014                       http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : denyhosts
Vulnerability  : regression
Debian Bug     : 734329
CVE ID         : CVE-2013-6890

A regression has been found on the denyhosts packages fixing
CVE-2013-6890. This regression could cause an attempted breakin attempt
to be missed by denyhosts, which would then fail to enforce a ban.

For the oldstable distribution (squeeze), this problem has been fixed in
version 2.6-7+deb6u3.

For the stable distribution (wheezy), this problem has been fixed in
version 2.6-10+deb7u3.

For the testing (jessie) and unstable (sid) distribution, the package
denyhosts has been removed, and its users are encouraged to switch to an
alternative like fail2ban.

We recommend that you upgrade your denyhosts packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email address redacted]

LinuxSecurity.com Team

Jan 23, 2014 Critical Debian

Debian DSA-2826-1: Critical Denial Of Service Risk In Denyhosts

Helmut Grohne discovered that denyhosts, a tool preventing SSH brute-force attacks, could be used to perform remote denial of service against the SSH daemon. Incorrectly specified regular expressions used to detect brute force attacks in authentication logs could be exploited ...

-------------------------------------------------------------------------
Debian Security Advisory DSA-2826-1              [email address redacted]
http://www.debian.org/security/                         Yves-Alexis Perez
December 22, 2013                      http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : denyhosts
Vulnerability  : Remote denial of ssh service
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-6890

Helmut Grohne discovered that denyhosts, a tool preventing SSH
brute-force attacks, could be used to perform remote denial of service
against the SSH daemon. Incorrectly specified regular expressions used
to detect brute force attacks in authentication logs could be exploited
by a malicious user to forge crafted login names in order to make
denyhosts ban arbitrary IP addresses.

For the oldstable distribution (squeeze), this problem has been fixed in
version 2.6-7+deb6u2.

For the stable distribution (wheezy), this problem has been fixed in
version 2.6-10+deb7u2.

For the testing distribution (jessie), this problem has been fixed in
version 2.6-10.1.

For the unstable distribution (sid), this problem has been fixed in
version 2.6-10.1.

We recommend that you upgrade your denyhosts packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email address redacted]

LinuxSecurity.com Team

Dec 22, 2013 Critical Debian

Gentoo: GLSA-200710-14 Normal: DenyHosts Denial Of Service

DenyHosts does not correctly parse log entries, potentially causing a remote Denial of Service.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200710-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: DenyHosts: Denial of Service
     Date: October 13, 2007
     Bugs: #181213
       ID: 200710-14

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

DenyHosts does not correctly parse log entries, potentially causing a
remote Denial of Service.

Background
==========

DenyHosts is designed to monitor SSH servers for repeated failed login
attempts.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  app-admin/denyhosts        < 2.6-r1                     >= 2.6-r1

Description
===========

Daniel B. Cid discovered that DenyHosts used an incomplete regular
expression to parse failed login attempts, a different issue than GLSA
200701-01.

Impact
======

A remote unauthenticated attacker can add arbitrary hosts into the
blacklist, including the "all" keyword, by submitting specially crafted
version identification strings to the SSH server banner. An attacker
may use this to prevent legitimate users from accessing a host
remotely.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All DenyHosts users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-admin/denyhosts-2.6-r1"

References
==========

[ 1 ] CVE-2007-4323
      https://www.cve.org/CVERecord?id=CVE-2007-4323

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 https://security.gentoo.org/glsa/200710-14

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
[email address redacted] or alternatively, you may file a bug at
https://bugs.gentoo.org/.

License
=======

Copyright 2007 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

LinuxSecurity.com Team

Oct 13, 2007 Gentoo