
Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

Gentoo: GLSA-202304-15 Critical Alert: Retro Racer Engine Exploit

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200404-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: High
     Title: Scorched 3D server chat box format string vulnerability
      Date: April 09, 2004
      Bugs: #39302
        ID: 200404-12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Scorched 3D is vulnerable to a format string attack in the chat box that leads to Denial of Service on the game server and possibly allows execution of arbitrary code.

Background
==========

Scorched 3D is a game based loosely on the classic DOS game "Scorched Earth". Scorched 3D adds amongst other new features a 3D island environment and LAN and internet play. Scorched 3D is totally free and is available for multiple operating systems.

Affected packages
=================

    -------------------------------------------------------------------
     Package                    /   Vulnerable   /          Unaffected
    -------------------------------------------------------------------
     games-strategy/scorched3d        < 37                       >= 37

Description
===========

Scorched 3D (build 36.2 and before) does not properly check the text entered in the Chat box (T key). Using format string characters, you can generate a heap overflow. This and several other unchecked buffers have been corrected in the build 37 release.

Impact
======

This vulnerability can be easily exploited to remotely crash the Scorched 3D server, disconnecting all clients. It could also theoretically be used to execute arbitrary code on the server with the rights of the user running the server.

Workaround
==========

A workaround is not currently known for this issue. All users are advised to upgrade to the latest version of the affected package.

Resolution
==========

Scorched 3D users should upgrade to version 37 or later:

    # emerge sync
    # emerge -pv ">=games-strategy/scorched3d-37"
    # emerge ">=games-strategy/scorched3d-37"

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    https://security.gentoo.org/glsa/200404-12

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address protected] or alternatively, you may file a bug at https://bugs.gentoo.org/.

License
=======

Copyright 2004 Gentoo Technologies, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    https://creativecommons.org/licenses/by-sa/1.0/

Exploitable 3D messaging interface vulnerability presents risks of DoS and possible code compromise. Immediate patching recommended for all customers!

LinuxSecurity.com Team

Apr 09, 2004 Gentoo

Debian 2.2: DSA-061-1 Moderate: GnuPG Format Attack & Trust Issue

A printf format string attack and "web of trust" pollution vulnerabilities have been fixed.

------------------------------------------------------------------------
Debian Security Advisory DSA-061-1            [email address protected]
Debian -- Security Information                          Wichert Akkerman
June 16, 2001
------------------------------------------------------------------------

Package        : gnupg
Problem type   : printf format attack
                 web of trust pollution
Debian-specific: no

The version of GnuPG (GNU Privacy Guard, an OpenPGP implementation) as distributed in Debian GNU/Linux 2.2 suffers from two problems:

1. fish stiqz reported on bugtraq that there was a printf format problem in the do_get() function: it printed a prompt which included the filename that was being decrypted without checking for possible printf format attacks. This could be exploited by tricking someone into decrypting a file with a specially crafted filename.

2. The second bug is related to importing secret keys: when gnupg imported a secret key it would immediately make the associated public key fully trusted, which changes your web of trust without asking for a confirmation. To fix this you now need a special option to import a secret key.

Both problems have been fixed in version 1.0.6-0potato1.

  wget url
        will fetch the file for you
  dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.2 alias potato
---------------------------------

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
  These packages will be moved into the stable distribution on its next revision.

For not yet released architectures please refer to the appropriate directory.

--
----------------------------------------------------------------------------
apt-get: deb Debian -- Security Information stable/updates main
dpkg-ftp: dists/stable/updates/main
Mailing list: [email address protected]

The software package GnuPG on Debian has resolved two critical security issues, including a format string vulnerability and a weakness in trust management mechanisms.

LinuxSecurity.com Team

Jun 18, 2001 Debian