Alerts This Week
Warning Icon 1 664
Alerts This Week
Warning Icon 1 664

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorygentoofile overwrite

Gentoo: 200306-16 Critical Insecure Noweb Files Local Exploit

Multiple vulnerabilities in noweb 2.9 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files via multiple vectors including the noroff script.. - - - --------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200306-16 - - - --------------------------------------------------------------------- PACKAGE : noweb SUMMARY : insecure temporary file creations DATE : 2003-06-28 20:23 UTC EXPLOIT : local VERSIONS AFFECTED : =noweb-2.9-r3 CVE : CAN-2003-0381 - - - --------------------------------------------------------------------- quote from cve: "Multiple vulnerabilities in noweb 2.9 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files via multiple vectors including the noroff script." SOLUTION It is recommended that all Gentoo Linux users who are running app-text/noweb upgrade to noweb-2.9-r3 as follows emerge sync emerge noweb emerge clean - - - --------------------------------------------------------------------- This email address is being protected from spambots. You need JavaScript enabled to view it. - GnuPG key is available at - - - --------------------------------------------------------------------- . Multiple vulnerabilities in Gentoo's noweb allow unauthorized local users to exploit inadequate temporary file handling. An update is recommended.. noweb vulnerabilities,file overwrite exploit,Gentoo security,local exploit,package update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jul 01, 2003 Critical Gentoo
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydebianinsecure files

Debian: 2023:323-1 Critical: Noweb Insecure Temporary Files

Jakob Lell discovered a bug in the 'noroff' script included in noweb whereby a temporary file was created insecurely.. - -------------------------------------------------------------------------- Debian Security Advisory DSA 323-1 This email address is being protected from spambots. You need JavaScript enabled to view it. Debian -- Security Information Matt Zimmerman June 16th, 2003 http://www.debian.org/security/faq - -------------------------------------------------------------------------- Package : noweb Vulnerability : insecure temporary files Problem-Type : local Debian-specific: no CVE Id : CAN-2003-0381 Jakob Lell discovered a bug in the 'noroff' script included in noweb whereby a temporary file was created insecurely. During a review, several other instances of this problem were found and fixed. Any of these bugs could be exploited by a local user to overwrite arbitrary files owned by the user invoking the script. For the stable distribution (woody) these problems have been fixed in version 2.9a-7.3. For old stable distribution (potato) this problem has been fixed in version 2.9a-5.1. For the unstable distribution (sid) this problem will be fixed soon. We recommend that you update your noweb package. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 2.2 alias potato - --------------------------------- Source archives: Size/MD5 checksum: 597 137a3145bc50159f0b9abd217d9f2f62 Size/MD5 checksum: 69048 a77cc9e502d6e891c6aa74df7b0c9fe5 Size/MD5 checksum: 687372 1096b16aaa281a97e269eb5d80236296 Alpha architecture: Size/MD5 checksum: 1327308 10b065044f506c8c548bb6e2c76c5fec Intel IA-32 architecture: Size/MD5 checksum: 976072 ffa9f84860085bfda89791c79867d3fd Debian GNU/Linux 3.0 alias woody - -------------------------------- Source archives: Size/MD5 checksum: 607 ac68c7e4f9057d9b5a38238c28f7d266 Size/MD5 checksum: 41136 122211b0a7590e7cdc21aaa9a890d082 Size/MD5 checksum: 687372 1096b16aaa281a97e269eb5d80236296 Alpha architecture: Size/MD5 checksum: 1339532 6f3f10aa4a5056d003c91b3f4564871c ARM architecture: Size/MD5 checksum: 1061418 6ca2d4bd8026333006c2566f918f12ca Intel IA-32 architecture: Size/MD5 checksum: 966664 b4a1b216e98e3dda4bd62eb37618f1ca HP Precision architecture: Size/MD5 checksum: 1257458 4d13eb89c7cf9ba72ab0a30e4d5cb7ab Motorola 680x0 architecture: Size/MD5 checksum: 920562 110bd24b5abaa99d2633121b8b103825 Big endian MIPS architecture: Size/MD5 checksum: 1145274 7dbf6bdbe25c08f94984fbf9b5e2979f These files will probably be moved into the stable distribution on its next revision. - --------------------------------------------------------------------------------- For apt-get: deb Debian -- Security Information stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. Package info: `apt-cache show ' and https://www.debian.org/distrib/packages . Debian Security Advisory DSA 323-1 addresses critical insecure temporary file vulnerability found in noweb requiring prompt updates.. Debian Security Advisory, Noweb Exploit, Insecure Temporary Files, Local Exploit Remedies. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jun 17, 2003 Critical Debian
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here