
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Debian 11: DLA-4077-1 critical: proftpd buffer overflow DoS

Debian LTS Advisory DLA-4077-1
https://www.debian.org/lts/security/
Bastien Roucariès
March 02, 2025
https://wiki.debian.org/LTS

Package : proftpd-dfsg
Version : 1.3.7a+dfsg-12+deb11u5
CVE ID : CVE-2024-57392
Debian Bug : 1090813

proftpd, a popular FTP server, was affected by a vulnerability.

CVE-2024-57392: Buffer Overflow vulnerability in Proftpd allowed a remote attacker to execute arbitrary code and can cause a Denial of Service (DoS) on the FTP service by sending a maliciously crafted message to the ProFTPD service port.

Moreover, this release includes some bug fixes:
- upstream issue #1171 "Downloading a file contains the contents of another file."
- Fix the computation of the RADIUS Message-Authenticator signature to conform more properly to RFC 2869. Fix Blastradius breakage.

For Debian 11 bullseye, this problem has been fixed in version 1.3.7a+dfsg-12+deb11u5.

We recommend that you upgrade your proftpd-dfsg packages.

For the detailed security status of proftpd-dfsg please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

The latest Debian LTS Security Advisory DLA-4078-1 highlights a critical vulnerability in apache2 that could facilitate unauthorized data access and potential service disruptions.

Severity: Critical. LinuxSecurity.com Team

Mar 02, 2025 Critical Debian LTS

Debian 8: DLA-1873-1 Moderate: ProFTPD Incomplete Permission Validation

Package : proftpd-dfsg
Version : 1.3.5e+r1.3.5-2+deb8u3
CVE ID : CVE-2019-12815
Debian Bug : 932453

Tobias Maedel discovered that the mod_copy module of ProFTPD, a FTP/SFTP/FTPS server, performed incomplete permission validation for the CPFR/CPTO commands.

For Debian 8 "Jessie", this problem has been fixed in version 1.3.5e+r1.3.5-2+deb8u3.

We recommend that you upgrade your proftpd-dfsg packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Enhance proftpd-dfsg to remedy partial access control flaws affecting Debian 8 users.

LinuxSecurity.com Team

Aug 07, 2019 Debian LTS

Debian: DSA-4491-1 Moderate: ProFTPD Incomplete Permission Check

Debian Security Advisory DSA-4491-1
https://www.debian.org/security/
Moritz Muehlenhoff
August 04, 2019
https://www.debian.org/security/faq

Package : proftpd-dfsg
CVE ID : CVE-2019-12815
Debian Bug : 932453

Tobias Maedel discovered that the mod_copy module of ProFTPD, a FTP/SFTP/FTPS server, performed incomplete permission validation for the CPFR/CPTO commands.

For the oldstable distribution (stretch), this problem has been fixed in version 1.3.5b-4+deb9u1.

For the stable distribution (buster), this problem has been fixed in version 1.3.6-4+deb10u1.

We recommend that you upgrade your proftpd-dfsg packages.

For the detailed security status of proftpd-dfsg please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

An important patch rectifying inadequate access control checks in the mod_copy component of ProFTPD on Debian-based systems.

LinuxSecurity.com Team

Aug 04, 2019 Debian

Debian DSA-2346-1: ProFTPD Moderate Remote Code Execution Risk

Debian Security Advisory DSA-2346-1
http://www.debian.org/security/
Florian Weimer
November 15, 2011
http://www.debian.org/security/faq

Package : proftpd-dfsg
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-4130
Debian Bug : 648373

Several vulnerabilities were discovered in ProFTPD, an FTP server:

ProFTPD incorrectly uses data from an unencrypted input buffer after encryption has been enabled with STARTTLS, an issue similar to CVE-2011-0411.

CVE-2011-4130
ProFTPD uses a response pool after freeing it under exceptional conditions, possibly leading to remote code execution. (The version in lenny is not affected by this problem.)

For the oldstable distribution (lenny), this problem has been fixed in version 1.3.1-17lenny8.

For the stable distribution (squeeze), this problem has been fixed in version 1.3.3a-6squeeze4.

For the testing distribution (wheezy) and the unstable distribution (sid), this problem has been fixed in version 1.3.4~rc3-2.

We recommend that you upgrade your proftpd-dfsg packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Multiple security flaws identified in ProFTPD require immediate updates to reduce remote execution threats on Debian platforms.

Severity: Important. LinuxSecurity.com Team

Nov 15, 2011 Important Debian

Gentoo: GLSA 200611-05 High: Netkit FTP Server Privilege Escalation

Gentoo Linux Security Advisory GLSA 200611-05
https://security.gentoo.org/

Severity: High
Title: Netkit FTP Server: Privilege escalation
Date: November 10, 2006
Bugs: #150292
ID: 200611-05

Synopsis
========
An incorrect seteuid() call could allow an FTP user to access some files or directories that would normally be inaccessible.

Background
==========
net-ftp/ftpd is the Linux Netkit FTP server with optional SSL support.

Affected packages
=================
-------------------------------------------------------------------
     Package       /  Vulnerable  /                    Unaffected
-------------------------------------------------------------------
  1  net-ftp/ftpd      < 0.17-r4                        >= 0.17-r4

Description
===========
Paul Szabo reported that an incorrect seteuid() call after the chdir() function can allow an attacker to access a normally forbidden directory, in some very particular circumstances, for example when the NFS-hosted targeted directory is not reachable by the client-side root user. Additionally, some potentially exploitable unchecked setuid() calls were also fixed.

Impact
======
A local attacker might craft his home directory to gain access through ftpd to normally forbidden directories like /root, possibly with writing permissions if seteuid() fails and if the ftpd configuration allows that. The unchecked setuid() calls could also lead to a root FTP login, depending on the FTP server configuration.

Workaround
==========
There is no known workaround at this time.

Resolution
==========
All Netkit FTP Server users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-ftp/ftpd-0.17-r4"

References
==========
[ 1 ] CVE-2006-5778
      https://www.cve.org/CVERecord?id=CVE-2006-5778

Availability
============
This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/200611-05

Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address obscured] or alternatively, you may file a bug at https://bugs.gentoo.org/.

License
=======
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Critical alert for Gentoo: Netkit FTP Server flaw permitting unauthorized file retrieval.

LinuxSecurity.com Team

Nov 10, 2006 Gentoo

Debian Sarge ftpd-ssl Critical Update: Buffer Overflow Threat

Updated package.

Debian Security Advisory DSA 896-1
http://www.debian.org/security/
Martin Schulze
November 15th, 2005
http://www.debian.org/security/faq

Package : linux-ftpd-ssl
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2005-3524
Debian Bug : 339074

A buffer overflow has been discovered in ftpd-ssl, a simple BSD FTP server with SSL encryption support, that could lead to the execution of arbitrary code.

The old stable distribution (woody) does not contain linux-ftpd-ssl packages.

For the stable distribution (sarge) this problem has been fixed in version 0.17.18+0.3-3sarge1

For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you upgrade your ftpd-ssl package.

Upgrade Instructions

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

These files will probably be moved into the stable distribution on its next update.

For apt-get: deb https://www.debian.org/security/ stable/updates main
For dpkg-ftp: dists/stable/updates/main

Critical vulnerability patch released for ftpd-ssl in Debian with recent updates. Urgent action required to safeguard your system now.

Severity: Critical. LinuxSecurity.com Team

Nov 15, 2005 Critical Debian

SuSE: Critical Advisory For Mirror Package Directory Traversal Risk

The mirror package is a tool to duplicate the contents of ftp servers. A vulnerability exists when attackers can create a directory like " .." on the target mirror ftp server.

SuSE Security Announcement
Package: mirror-2.8.f4
Date: Fri Oct 01 22:21:15 MEST 1999
Affected: all Linux distributions using mirror

Dec 08, 1999 Critical SuSE