Alerts This Week
Warning Icon 1 609
Alerts This Week
Warning Icon 1 609

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 44 Transmission 4.1.2 Important Clickjacking Fix CVE-2026-38978

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 libre 4.8.1 Critical Update Details for Real-Time Communication

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 NextCloud Update Denial of Service JSON Tampering 2026-30881a5be7

Calendar White Jun 05, 2026
Important
Fedora Large Esm H800
Fedora

Fedora 44 python-starlette Security Fix for CVE-2026-48710

Calendar White Jun 05, 2026
Critical
Fedora Large Esm H900
Fedora

Fedora 44 perl-Cpanel-JSON-XS Moderate Denial of Service CVE-2026-9516

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 rubygem-yard High Path Traversal Fix Vuln 2026-acefc1fe48

Calendar White Jun 05, 2026
high
Fedora Large Esm H800
Fedora

Fedora 44 Rust Sequoia Sop Low-Severity Fix Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-sq Low Threat Security Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-wot Low Severity Security Fix 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -2 articles for you...
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorycriticalaccess issue

Ubuntu 7.10: USN-711-1 Critical KTorrent Access Threats and Fixes

It was discovered that KTorrent did not properly restrict access when using the web interface plugin. A remote attacker could use a crafted http request and upload arbitrary torrent files to trigger the start of downloads and seeding. (CVE-2008-5905) [More...]. ==========================================================Ubuntu Security Notice USN-711-1 January 26, 2009 ktorrent vulnerabilities CVE-2008-5905, CVE-2008-5906 ========================================================== A security issue affects the following Ubuntu releases: Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 7.10: ktorrent 2.2.1-0ubuntu3.1 Ubuntu 8.04 LTS: ktorrent 2.2.5-0ubuntu1.1 Ubuntu 8.10: ktorrent 3.1.2+dfsg.1-0ubuntu2.1 After a standard system upgrade you need to restart KTorrent to effect the necessary changes. Details follow: It was discovered that KTorrent did not properly restrict access when using the web interface plugin. A remote attacker could use a crafted http request and upload arbitrary torrent files to trigger the start of downloads and seeding. (CVE-2008-5905) It was discovered that KTorrent did not properly handle certain parameters when using the web interface plugin. A remote attacker could use crafted http requests to execute arbitrary PHP code. (CVE-2008-5906) Updated packages for Ubuntu 7.10: Source archives: Size/MD5: 8139 542d145b17f4c93e90358305f5082892 Size/MD5: 679 5d731774f0370fa9347ff1d4a9fe59b3 Size/MD5: 3763678 229a0615d9252510d9387079dd5bd86d amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 2809826 64590eb7d61058feffe16b0c05c462de i386 architecture (x86 compatible Intel/AMD): Size/MD5: 2764082 0e1d642f8f86576da7aadb1ba5915993 lpia architecture (Low Power Intel Architecture): Size/MD5: 2769980 979fbc6391793dd1b976b555614b8125 powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 2912698 5c0baa03be10092f5f9dae0ec33cf050 sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 2764418 71d8cf3eb924098584948847752a69e7 Updated packages for Ubuntu 8.04 LTS: Source archives: Size/MD5: 8186 887b90cfe0b14d6e654edf5f83d443a1 Size/MD5: 679 1cf90260c7bb419ba83f280e0c242c1e Size/MD5: 3841204 f5cd0430250317eff85d8356d65c0a6f amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 2812314 a60c001b92052ac0d269c894f4bafa7c i386 architecture (x86 compatible Intel/AMD): Size/MD5: 2749174 361a62003fe4029dd48b007f05a18848 lpia architecture (Low Power Intel Architecture): Size/MD5: 2762832 e458e9a11bf9d2db72c8af4d89936241 powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 2894978 935494d19c317011e02041b204d042a5 sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 2744550 5a1f3871c1a972155efcc1a77cac2788 Updated packages for Ubuntu 8.10: Source archives: Size/MD5: 28491 2dfc78827267f8a0316f7b871a3c5795 Size/MD5: 1616 9daa934ea811f90d15aafcb96bcb8b3e Size/MD5: 3243464 d7ec6f8f7a77f9a460c99f9ba1d95cec amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 10574990 4039eb82f82e92c60212a4639842fb8e Size/MD5: 1876310 7d183d5f936776da921a26eb07852cf9 i386 architecture (x86 compatible Intel/AMD): Size/MD5: 10462534 b2a3142f8a5a73fac78af5651cb31a68 Size/MD5: 1872266 7f2002e96efccf24fd12178a0ac2af91 lpia architecture (Low Power Intel Architecture): Size/MD5: 10485854 5b8f4fda1bb0b2e797a2b6d59bbe0f1a Size/MD5: 1891462 4b37c0d9502c46aa5f55e7cccd35c7b5 powerpcarchitecture (Apple Macintosh G3/G4/G5): Size/MD5: 11060316 fd33f09a63abe5485884da105fd5de91 Size/MD5: 1947996 561ba5edef371c84a165d61a88df0b80 sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 10583140 b2957586c0802312c7e837336b2dfc10 Size/MD5: 1873550 2d38e242cfa474fb4c335a1ae2475482 . Uncover essential KTorrent security flaws in Ubuntu editions, involving authentication challenges and potential remote attack threats. Upgrade immediately!. KTorrent Security, Ubuntu Advisory, Remote Access Issues, Software Update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jan 26, 2009 Critical Ubuntu
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorycriticalFedora

Fedora 9: 2008-9167 Critical: Ktorrent Webinterface Security Problems

Another bugfix release for the 3.1 series is out. This fixes several bugs : * A crash caused by a SIGBUS, when diskspace preallocation is disabled * High CPU usage when DNS lookups fail in the UDP tracker code * Several security issues in the webinterface plugin. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2008-9167 2008-10-24 22:46:35 --------------------------------------------------------------------------------Name : ktorrent Product : Fedora 9 Version : 3.1.4 Release : 1.fc9 URL : Summary : A BitTorrent program for KDE Description : KTorrent is a BitTorrent program for KDE. Its main features are native KDE integration, download of torrent files, upload speed capping, internet searching using various search engines, UDP Trackers and UPnP support. --------------------------------------------------------------------------------Update Information: Another bugfix release for the 3.1 series is out. This fixes several bugs : * A crash caused by a SIGBUS, when diskspace preallocation is disabled * High CPU usage when DNS lookups fail in the UDP tracker code * Several security issues in the webinterface plugin --------------------------------------------------------------------------------ChangeLog: * Thu Oct 23 2008 Rex Dieter - 3.1.4-1 - ktorrent-3.1.4 * Tue Oct 14 2008 Rex Dieter - 3.1.3-4 - KDEDInit could not launch .../ktorrent (#451559, kde#157853) * Mon Oct 13 2008 Roland Wolters - 3.1.3-3 - Update to upstream version 3.1.3 * Fri Aug 8 2008 Rex Dieter - 3.1.2-1 - ktorrent-3.1.2 * Sun Jul 13 2008 Roland Wolters - 3.1-5 - Update to version 3.1 * Wed May 14 2008 Roland Wolters - 3.0.2-3 - bugfix update to version 3.0.2 - some spec file fixes due to an update error * Mon Apr 28 2008 Rex Dieter - 3.0.1-4 - %postun: remove extraneous scriplets - -devel: own %{_kde4_includedir}/libbtcore/ (and subdirs) - -devel: Requires: kdelibs4-devel - drop:Requires: oxygen-icon-theme (kde4 runtime already does) - Requires(post,postun): xdg-utils --------------------------------------------------------------------------------References: [ 1 ] Bug #451559 - KDEInit could not launch /usr/bin/ktorrent https://bugzilla.redhat.com/show_bug.cgi?id=451559 [ 2 ] Bug #468233 - ktorrent not up to date https://bugzilla.redhat.com/show_bug.cgi?id=468233 --------------------------------------------------------------------------------This update can be installed with the "yum" update program. Use su -c 'yum update ktorrent' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ Fedora-package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . The latest ktorrent update in Fedora 9 addresses stability problems, excessive CPU usage, and vulnerabilities within the web interface.. ktorrent security,Fedora update,web interface security. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Oct 24, 2008 Critical Fedora
Banner 2 1028x280 1708121730 1 1771599631
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorycritical issueremote exploit

Debian 4.0: DSA 1373-2 Critical: Ktorrent Directory Traversal Issue

It was discovered that ktorrent, a BitTorrent client for KDE, was vulnerable to a directory traversal bug which potentially allowed remote users to overwrite arbitrary files.. - ------------------------------------------------------------------------Debian Security Advisory DSA 1373-2 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Steve Kemp October 23th, 2007 http://www.debian.org/security/faq - ------------------------------------------------------------------------Package : ktorrent Vulnerability : directory traversal Problem type : remote Debian-specific: no CVE Id(s) : CVE-2007-1799 Debian Bug : 432007 It was discovered that ktorrent, a BitTorrent client for KDE, was vulnerable to a directory traversal bug which potentially allowed remote users to overwrite arbitrary files. This updated advisory correctly increases the version number of the fixed package such that it is installable upon the etch release of Debian. For the stable distribution (etch), this problem has been fixed in version 2.0.3+dfsg1-2.2etch1. For the old stable distribution (sarge), this package was not present. For the unstable distribution (sid), this problem was fixed in version 2.2.1.dfsg.1-1. We recommend that you upgrade your ktorrent package. Upgrade instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - -------------------------------Source archives: Size/MD5 checksum: 12627 1b6b0147d315efb6eb18aad0bfe9d81c Size/MD5 checksum: 21830953aef60283e457b7e13c1719387251612 Size/MD5 checksum: 667 caee4d3c81f64c004e7938019f9dd4a8 alpha architecture (DEC Alpha) Size/MD5 checksum: 1678792 991f0a7a383cab54d05a150c188e399c amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 1588368 530a9f34f87c0536d6d5aaaca102fa67 hppa architecture (HP PA RISC) Size/MD5 checksum: 1760924 f7599a003c13ea0ea7fff966a854a31d i386 architecture (Intel ia32) Size/MD5 checksum: 1580648 f62cffe248fd3d5789ce68367e5ed604 ia64 architecture (Intel ia64) Size/MD5 checksum: 1801342 09fd6b644031eae012b63e1a7f3ea4d1 mips architecture (MIPS (Big Endian)) Size/MD5 checksum: 1537896 c321b042f44b6ba5a29d112400f16ee5 mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 1518866 5602bbcc1edee4649f4fb269e0b7fa00 powerpc architecture (PowerPC) Size/MD5 checksum: 1589362 37d8b62e6c350c5f6a7f500b9cc2f485 s390 architecture (IBM S/390) Size/MD5 checksum: 1563700 de2364aa5aa3f2fe782927a525f20acf sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 1553124 df9cb0e0277295f58b8e95e039571dc3 These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb https://www.debian.org/security/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . ktorrent version enhancement in Debian addresses severe directory traversal vulnerabilities enabling random file replacement.. ktorrent, directory traversal exploit, Debian security updates. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Oct 23, 2007 Critical Debian
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorycriticaldebian

Debian DSA-1373-1 Critical: Ktorrent Directory Traversal Risk

It was discovered that ktorrent, a BitTorrent client for KDE, was vulnerable to a directory traversal bug which potentially allowed remote users to overwrite arbitrary files.. - ------------------------------------------------------------------------Debian Security Advisory DSA 1373-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Steve Kemp September 11th, 2007 http://www.debian.org/security/faq - ------------------------------------------------------------------------Package : ktorrent Vulnerability : directory traversal Problem type : remote Debian-specific: no CVE Id(s) : CVE-2007-1799 Debian Bug : 432007 It was discovered that ktorrent, a BitTorrent client for KDE, was vulnerable to a directory traversal bug which potentially allowed remote users to overwrite arbitrary files. For the stable distribution (etch), this problem has been fixed in version 2.0.3+dfsg1-2etch1. For the old stable distribution (sarge), this package was not present. For the unstable distribution (sid), this problem was fixed in version 2.2.1.dfsg.1-1. We recommend that you upgrade your ktorrent package. Upgrade instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - -------------------------------Source archives: Size/MD5 checksum: 663 ec1366a6819ce30b5891b7c4e0e51986 Size/MD5 checksum: 2183095 3aef60283e457b7e13c1719387251612 Size/MD5 checksum: 12570 09ef4b627881d0aa29f682dbcf860ae7 alpha architecture (DEC Alpha) Size/MD5checksum: 1678764 e9fec2e0c67431d8df32f97fd42dd408 amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 1587096 dea2c2add2b28f51c37838104cbacab6 arm architecture (ARM) Size/MD5 checksum: 1676742 4b3494cbabc09ae553459934d3544536 hppa architecture (HP PA RISC) Size/MD5 checksum: 1760846 6f4a58a69b7b61d71f8269c38351d96c i386 architecture (Intel ia32) Size/MD5 checksum: 1580584 0a98af7db2be8b6a01d4eeb4da3d20ef ia64 architecture (Intel ia64) Size/MD5 checksum: 1801310 4c336b16545584e3047e5f4ba11a3994 mips architecture (MIPS (Big Endian)) Size/MD5 checksum: 1537750 36579943948e4d73039399978fbc138a mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 1518836 5d8c0b09e86c98680d083e903c4ca0cc s390 architecture (IBM S/390) Size/MD5 checksum: 1563558 b4d85977441bd37b7390af3efe924ad4 sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 1553024 cb40c3218f0c300590ea2ae91a577a36 These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb https://www.debian.org/security/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . To address the ktorrent vulnerability linked to directory traversal, prioritize input sanitization and file path validation to avert unauthorized overwrites. ktorrent, directory traversal, file overwrite, Debian advisory, security fix. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 11, 2007 Critical Debian
Banner 2 1028x280 1708121730 1 1771599631
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorydenial of servicegentoo

Gentoo: GLSA-200705-01 Normal: Ktorrent Remote Code Execution Threat

Multiple vulnerabilities have been discovered in Ktorrent allowing for the remote execution of arbitrary code and a Denial of Service.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200705-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Ktorrent: Multiple vulnerabilities Date: May 01, 2007 Bugs: #170303 ID: 200705-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been discovered in Ktorrent allowing for the remote execution of arbitrary code and a Denial of Service. Background ========= Ktorrent is a Bittorrent client for KDE. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-p2p/ktorrent < 2.1.3 > = 2.1.3 Description ========== Bryan Burns of Juniper Networks discovered a vulnerability in chunkcounter.cpp when processing large or negative idx values, and a directory traversal vulnerability in torrent.cpp. Impact ===== A remote attacker could entice a user to download a specially crafted torrent file, possibly resulting in the remote execution of arbitrary code with the privileges of the user running Ktorrent. Workaround ========= There is no known workaround at this time. Resolution ========= All Ktorrent users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =net-p2p/ktorrent-2.1.3" References ========= [ 1 ] CVE-2007-1384 https://www.cve.org/CVERecord?id=CVE-2007-1384 [ 2 ] CVE-2007-1385 https://www.cve.org/CVERecord?id=CVE-2007-1385 [ 3 ] CVE-2007-1799 https://www.cve.org/CVERecord?id=CVE-2007-1799 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/200705-01 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org/. License ====== Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . A series of flaws identified in Ktorrent enables potential remote code execution and Denial of Service attacks; suggested remedies outlined.. Ktorrent Vulnerabilities, Remote Execution Threat, Gentoo Advisory, Denial of Service. . LinuxSecurity.com Team

Calendar 2 May 01, 2007 Gentoo
99
Ls Advisories Slackware Esm H240
Price Tag 1security advisoryremote exploitdirectory traversal

Slackware 11.0: SSA:2007-093-02 Critical: KTorrent Remote Exploit

New ktorrent packages are available for Slackware 11.0 and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] ktorrent (SSA:2007-093-02) New ktorrent packages are available for Slackware 11.0 and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: https://www.cve.org/CVERecord?id=CVE-2007-1384 https://www.cve.org/CVERecord?id=CVE-2007-1385 Here are the details from the Slackware 11.0 ChangeLog: +--------------------------+ patches/packages/ktorrent-2.1.3-i486-1_slack11.0.tgz: Upgraded to ktorrent-2.1.3. A directory traversal vulnerability in torrent.cpp in versions < 2.1.2 may allow remote attackers to overwrite the ktorrent user's files. A bug in chunkcounter.cpp in versions < 2.1.2 allows remote attackers to crash ktorrent and cause heap corruption by the use of an invalid idx value. For more information, see: https://www.cve.org/CVERecord?id=CVE-2007-1384 https://www.cve.org/CVERecord?id=CVE-2007-1385 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading from ftp.slackware.com. Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you. Updated package for Slackware 11.0: Updated package for Slackware -current: MD5 signatures: +-------------+ Slackware 11.0 package: 1917c267334e4b90ab04c58b1f2ff338 ktorrent-2.1.3-i486-1_slack11.0.tgz Slackware -current package: 64c4d3bf516aebe96b6591ab75c2aeb9 ktorrent-2.1.3-i486-1.tgz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg ktorrent-2.1.3-i486-1_slack11.0.tgz +-----+ . Ensure your Slackware system is secure by applying the latest ktorrent updates to rectify serious vulnerabilities in versions earlier than 2.1.2. Upgrade your package today!. Slackware Security,ktorrent Update,Remote Attack Fix,Directory Traversal Patch. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Apr 03, 2007 Critical Slackware
Banner 2 1028x280 1708121730 1 1771599631
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorycriticalremote code execution

Ubuntu 6.06 LTS USN-436-1 Critical: KTorrent Remote Code Execution Risk

Bryan Burns of Juniper Networks discovered that KTorrent did not correctly validate the destination file paths nor the HAVE statements sent by torrent peers. A malicious remote peer could send specially crafted messages to overwrite files or execute arbitrary code with user privileges. . =========================================================== Ubuntu Security Notice USN-436-1 March 12, 2007 ktorrent vulnerabilities CVE-2007-1384, CVE-2007-1385 ========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: ktorrent 1.2-0ubuntu5.1 Ubuntu 6.10: ktorrent 2.0.3+dfsg1-0ubuntu1.1 After a standard system upgrade you need to restart KTorrent to effect the necessary changes. Details follow: Bryan Burns of Juniper Networks discovered that KTorrent did not correctly validate the destination file paths nor the HAVE statements sent by torrent peers. A malicious remote peer could send specially crafted messages to overwrite files or execute arbitrary code with user privileges. Updated packages for Ubuntu 6.06 LTS: Source archives: Size/MD5: 43785 79df81a2daf88ed095153f8b664f7da4 Size/MD5: 785 b33cc9609741465d1acfed4c3e86c87e Size/MD5: 1447380 55c6c4ae679aea0ba0370058856ddb92 amd64 architecture (Athlon64, Opteron, EM64T Xeon) Size/MD5: 799590 1e15c2c9901fe1bd815d3ebebc33c841 i386 architecture (x86 compatible Intel/AMD) Size/MD5: 756604 9d33c77836ca569ac77e5cb1e43727e5 powerpc architecture (Apple Macintosh G3/G4/G5) Size/MD5: 790462 59620e287be8fa5f39725c579516d580 sparc architecture (SunSPARC/UltraSPARC) Size/MD5: 759414 53bcc7c1baf8bf5a6d2f21fd4677ab34 Updated packages for Ubuntu 6.10: Source archives: Size/MD5: 336981 510bbd0ce41892c3f73580c6912e8cca Size/MD5: 754 fba0cabd58450420a144ce4aceec77e1 Size/MD5: 2183661 891f2cc509331a4283f958b068bbcf7d amd64 architecture (Athlon64, Opteron, EM64T Xeon) Size/MD5: 1220846 74e7cbb176c3167fd3ebc1262a83fb69 i386 architecture (x86 compatible Intel/AMD) Size/MD5: 1182658 0d40b9c135c6f835da909aee5a7320a5 powerpc architecture (Apple Macintosh G3/G4/G5) Size/MD5: 1205360 1748f978c4bd43e805bd64615e5cebee sparc architecture (Sun SPARC/UltraSPARC) Size/MD5: 1159794 8c7988c495afa48bae90fc1d21f49d71 . Ubuntu Security Notice USN-436-1 March 12, 2007 ktorrent vulnerabilities CVE-2007-1384, CVE-2007-138. bryan, burns, juniper, networks, ktorrent, correctly, validate, destination. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 12, 2007 Critical Ubuntu
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here