Fumitoshi Ukai and Denis Barbier have found several potential buffer overflows, which could lead to local privilege escalation if installed setuid or to remote compromise.

______________________________________________________________________________

                        SuSE Security Announcement

        Package:                eperl
        Announcement-ID:        SuSE-SA:2001:08
        Date:                   Tuesday, March 27th, 2001 16.00 MEST
        Affected SuSE versions: 6.3, 6.4, 7.0, 7.1
        Vulnerability Type:     local and remote compromise
        Severity (1-10):        6
        SuSE default package:   no
        Other affected systems: all systems using the eperl package

    Content of this advisory:
        1) security vulnerability resolved: eperl
           problem description, discussion, solution and upgrade information
        2) pending vulnerabilities, solutions, workarounds
        3) standard appendix (further information)

______________________________________________________________________________

1)  problem description, brief discussion, solution, upgrade information

    The ePerl program is an interpreter for the Embedded Perl 5 Language.
    Its main purpose is to serve as a web server scripting language for
    dynamic HTML page programming. Besides this, it can also serve as a
    standalone Unix filter.

    Fumitoshi Ukai and Denis Barbier have found several potential buffer
    overflows, which could lead to local privilege escalation if installed
    setuid (note: it's not installed setuid per default) or to remote
    compromise.

    There is currently no efficient measure against the security problems
    in the eperl perl interpreter other than not using it or updating it.

    SuSE provides update packages for the defective software. SuSE Linux
    versions before 6.3 don't include the eperl package.

    Download the update package from locations described below and install
    the package with the command `rpm -Uhv file.rpm'. The md5sum for each
    file is in the line below. You can verify the integrity of the rpm
    files using the command
        `rpm --checksig --nogpg file.rpm',
    independently from the md5 signatures below.
______________________________________________________________________________

2)  Pending vulnerabilities in SuSE Distributions and Workarounds:

    - We are in the process of preparing update packages for the man package,
      which has been found vulnerable to a commandline format string bug.
      The man command is installed suid man on SuSE systems. When exploited,
      the bug can be used to install a different man binary to introduce a
      trojan into the system. As an interim workaround, we recommend running
      `chmod -s /usr/bin/man' and ignoring the warnings and errors when
      viewing manpages.

    - The file browser MidnightCommander (mc) is vulnerable to unwanted
      program execution. Updates are currently being built.

    - Two bugs were found in the text editor vim.
      These bugs are currently being fixed.

    - A buffer overflow in sudo was discovered, and fixed RPMs will be
      available as soon as possible. An exploit has not been made public
      so far.

______________________________________________________________________________

3)  standard appendix:

    SuSE runs two security mailing lists to which any interested party may
    subscribe:

By using a carefully crafted database, a local user could overwrite some of slocate's internal structures, leading to a local group slocate compromise.

---------------------------------------------------------------------
                   Red Hat, Inc. Red Hat Security Advisory

Synopsis:          New slocate packages available to fix local group slocate compromise
Advisory ID:       RHSA-2000:128-02
Issue date:        2000-12-19
Updated on:        2000-12-19
Product:           Red Hat Linux
Keywords:          slocate heap overflow
Cross references:
---------------------------------------------------------------------

1. Topic:

New slocate packages are available for Red Hat Linux 6.x and Red Hat
Linux 7. These fix a problem with the database parsing code in slocate.
(slocate was not shipped with Red Hat Linux prior to version 6.0, so
earlier versions are not affected.)

2. Relevant releases/architectures:

Red Hat Linux 6.0 - alpha, i386, sparc
Red Hat Linux 6.1 - alpha, i386, sparc
Red Hat Linux 6.2 - alpha, i386, sparc
Red Hat Linux 7.0 - alpha, i386

3. Problem description:

A problem existed in the slocate database parsing code. By using a
carefully crafted database, a local user could overwrite some of
slocate's internal structures, leading to a local group slocate
compromise. The effect of this compromise is that users could read the
entire slocate database, and therefore learn the locations of files
that they normally would not have permissions to locate.

Thanks to Michel Kaempf,
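
Both advisories turn on set-id bits: eperl is a local privilege-escalation risk only where it is installed setuid, the interim man workaround removes the suid bit, and the slocate issue compromises the slocate group. The script below is an added example, not part of either advisory, that reports which of the binaries you name carry setuid or setgid bits; paths are passed as arguments because only /usr/bin/man appears on the page, and the function names are this example's own.

```shell
#!/bin/sh
# Added example: report set-id bits on the binaries named in the advisories.
# Usage: sh setid-audit.sh /usr/bin/man /path/to/eperl /path/to/slocate
# (only /usr/bin/man is given in the advisory text; the others are yours to fill in)

# classify PATH -> prints one of: missing, none, setuid, setgid, setuid+setgid
classify() {
    f=$1
    if [ ! -e "$f" ]; then
        echo missing
        return 0
    fi
    bits=""
    if [ -u "$f" ]; then
        bits="setuid"
    fi
    if [ -g "$f" ]; then
        bits="${bits:+$bits+}setgid"
    fi
    echo "${bits:-none}"
}

# audit PATH... -> prints "state<TAB>owner:group<TAB>path" for every path.
# Returns 1 if any path carries a set-id bit, 0 otherwise, so it can gate
# a cron job or a post-upgrade check.
audit() {
    rc=0
    for p in "$@"; do
        state=$(classify "$p")
        case $state in
            missing|none)
                owner="-"
                ;;
            *)
                # The owner and group decide whose privileges are exposed.
                owner=$(ls -ld "$p" | awk '{print $3 ":" $4}')
                rc=1
                ;;
        esac
        printf '%s\t%s\t%s\n' "$state" "$owner" "$p"
    done
    return $rc
}

# Run only when paths are supplied on the command line.
if [ "$#" -gt 0 ]; then
    audit "$@"
fi
```

A non-zero exit status means at least one listed binary still has a set-id bit and should be checked against the fixed package or the `chmod -s' workaround.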