
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Debian: DSA 1115-2 Critical: Qmail Remote Code Execution Vulnerability

--------------------------------------------------------------------------
Debian Security Advisory DSA 1114-1
http://www.debian.org/security/                             Martin Schulze
July 21st, 2006                         http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : hashcash
Vulnerability  : buffer overflow
Problem type   : local (remote)
Debian-specific: no
CVE ID         : CVE-2006-3251
BugTraq ID     : 18659
Debian Bug     : 376444

Andreas Seltenreich discovered a buffer overflow in hashcash, a postage payment scheme for email that is based on hash calculations, which could allow attackers to execute arbitrary code via specially crafted entries.

For the stable distribution (sarge) this problem has been fixed in version 1.17-1sarge1.

For the unstable distribution (sid) this problem has been fixed in version 1.21-1.

We recommend that you upgrade your hashcash package.

Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given at the end of this advisory:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge
--------------------------------

These files will probably be moved into the stable distribution on its next update.

--------------------------------------------------------------------------
For apt-get: deb https://www.debian.org/security/ stable/updates main
For dpkg-ftp: dists/stable/updates/main

Upgrades to hashcash address buffer overflow vulnerabilities through enhanced input validation, secure buffer management, safe function use, and regular updates.

Severity: Critical.

LinuxSecurity.com Team

Jul 21, 2006 Critical Debian

Gentoo: GLSA-200606-25 High: Hashcash Heap Overflow Risk and Mitigation

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200606-25
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: High
     Title: Hashcash: Possible heap overflow
      Date: June 26, 2006
      Bugs: #134960
        ID: 200606-25

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A heap overflow vulnerability in the Hashcash utility could allow an attacker to execute arbitrary code.

Background
==========

Hashcash is a utility for generating Hashcash tokens, a proof-of-work system to reduce the impact of spam.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /  Vulnerable  /                  Unaffected
    -------------------------------------------------------------------
  1  net-misc/hashcash        < 1.21                            >= 1.21

Description
===========

Andreas Seltenreich has reported a possible heap overflow in the array_push() function in hashcash.c, as a result of an incorrect amount of allocated memory for the "ARRAY" structure.

Impact
======

By sending malicious entries to the Hashcash utility, an attacker may be able to cause an overflow, potentially resulting in the execution of arbitrary code with the privileges of the user running the application.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Hashcash users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-misc/hashcash-1.21"

References
==========

  [ 1 ] Hashcash ChangeLog
        http://www.hashcash.org/source/CHANGELOG

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  https://security.gentoo.org/glsa/200606-25

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be filed as a bug at https://bugs.gentoo.org/.

License
=======

Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Gentoo Linux Security Notice regarding Hashcash buffer overflow underscores dangers and solutions for impacted users. Take immediate action!

LinuxSecurity.com Team

Jun 26, 2006 Gentoo

Gentoo: GLSA-202309-17 Normal: Security Concern in Credential Encryption

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200503-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Hashcash: Format string vulnerability
      Date: March 06, 2005
      Bugs: #83541
        ID: 200503-12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A format string vulnerability in the Hashcash utility could allow an attacker to execute arbitrary code.

Background
==========

Hashcash is a utility for generating Hashcash tokens, a proof-of-work system to reduce the impact of spam.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /  Vulnerable  /                  Unaffected
    -------------------------------------------------------------------
  1  net-misc/hashcash       < 1.16-r1                       >= 1.16-r1

Description
===========

Tavis Ormandy of the Gentoo Linux Security Audit Team identified a flaw in the Hashcash utility that an attacker could expose by specifying a malformed reply address.

Impact
======

Successful exploitation would permit an attacker to disrupt Hashcash users, and potentially execute arbitrary code.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Hashcash users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-misc/hashcash-1.16-r1"

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  https://security.gentoo.org/glsa/200503-12

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be filed as a bug at https://bugs.gentoo.org/.

License
=======

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.0/

Hashcash in Gentoo is susceptible to a format string vulnerability, allowing malicious actors to run unauthorized code. Users should upgrade promptly.

LinuxSecurity.com Team

Mar 06, 2005 Gentoo