Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorybuffer overflowcritical

SuSE: 2001:10 Urgent: xntp Vulnerability for Remote Root Access

An exploit published by Przemyslaw Frasunek demonstrates a buffer overflow in the control request parsing code of the ntpd.. ______________________________________________________________________________ SuSE Security Announcement Package: xntp Announcement-ID: SuSE-SA:2001:10 Date: Monday, April 9th 22:30 MEST Affected SuSE versions: (6.0, 6.1, 6.2), 6.3, 6.4, 7.0, 7.1 Vulnerability Type: remote root compromise Severity (1-10): 8 SuSE default package: no Other affected systems: systems using xntp in newer versions Content of this advisory: 1) security vulnerability resolved: xntp problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds 3) standard appendix (further information) ______________________________________________________________________________ 1) problem description, brief discussion, solution, upgrade information xntp is the network time protocol package widely used with many unix and linux systems for system time synchronization over a network. An exploit published by Przemyslaw Frasunek demonstrates a buffer overflow in the control request parsing code. The exploit allows a remote attacker to execute arbitrary commands as root. All versions as shipped with SuSE Linux are affected by the buffer overflow problem. A temporary workaround is to kill the daemon and to set the variable START_XNTPD in the file /etc/rc.config to "no" so that the daemon will not be started again upon reboot of the system. Correct the system time manually if necessary or adjust the time by running ntpdate from a cron job on a regular basis. We believe that this problem is generally underestimated since the xntpd daemon tends to get forgotten over the years of a system's life- time once installed and configured. Thexntpd daemon is not started by default in SuSE Linux distributions. We strongly recommend to immediately update the xntp package on each system where the daemon is installed, configured and running. Note: The xntp update packages for most distributions have been available for download since Friday last week. The packages for all 6.4 and 7.0 version distributions had to be rebuilt due to a specfile bug that did not show up earlier and that caused a delay in building packages. This bug causes the rpm subsystem to complain about the release number of the package. Now that this bug is corrected, you might find yourself having installed a package where there is a newer version of the package on the ftp server. However, regardless of the package release number, all published packages fix the currently known security problems in the xntpd network time daemon. Note: The source rpm of xntp in newer distributions generates two packages: xntp.rpm and xntpdoc.rpm. It is not necessary to update the xntpdoc package which is why we do not provide the update packages on our ftp server. The xntpdoc package only contains the documentation for the xntp package and did not change in this updated package. Download the update package from locations desribed below and install the package with the command `rpm -Uhv file.rpm'. The md5sum for each file is in the line below. You can verify the integrity of the rpm files using the command `rpm --checksig --nogpg file.rpm', independently from the md5 signatures below. SPECIAL INSTALL INSTRUCTIONS: ============================= The xntpd daemon must be restarted for the new package to become active after the installation of the update rpm. You can do this by running the command kill -15 `pidof xntpd` as root. After performing the upgrade using the rpm command above, you can restart the xntpd: rcxntpd start You should now see the newdaemon synchronizing in your syslogs, depending on where you configured the daemon to write its logs to. i386 Intel Platform: SuSE-7.1 9e39ca8f7b01fef22766463b8295e25d source rpm: dfa51b46c92b917353f52e5d83863478 SuSE-7.0 4293ad8a3e084ec5d773bbcab8380c08 source rpm: 745b894dcb6a97caa36f97858a51e279 SuSE-6.4 8001ac19d0ee812be82b6b066b4313d5 source rpm: 7d56618cba3d768aa53246f39158987d SuSE-6.3 2f5d7b43b167c6acf13f68b13b1b7989 source rpm: 11182e5e8c3769e6f9498ade9fcbe1fc SuSE-6.2 (unsupported platform) 5b55d179e3d4a0c57513bed03013c1a9 source rpm: dbb7c833ddc25b0bde406b4319d4106f SuSE-6.1 (unsupported platform) baa93b55a4eaa486968fa6285f04c865 source rpm: 06f0174e8934e3ce6f419284564a7c91 Sparc Platform: SuSE-7.1 The xntp packages for the SuSE-7.1 sparc distribution are currently pending for being built. They will be available on the ftp server as soon as they are built. The packages are gpg-signed using the key that should have been installed on your system upon system installation/upgrade. Use the command `rpm --checksig xntp.rpm´ to verify this signature once the packages are available for download. In the meanwhile, please use the temporary workaround as described above. SuSE-7.0 bea9ea6a88ae68f27962d1b9ad866eac source rpm: 83243db2982126e1a6ba371ef6dcf59b AXP Alpha Platform: SuSE-7.0 e410a96c44f12ba3d51a4f1f3e056fcd source rpm: 61ed8e66753868735cd14e94cb295718 SuSE-6.4 9460bd3eaf5500c0184d9394b8b86627 source rpm: 5c62ef99f064b687047087562cfe54ca SuSE-6.3 ad8c8494f0aaa06a1690e4edcaa43904 source rpm: 743fe2aba27f1801ac5b14cff2f2edb6 SuSE-6.1 (unsupported platform) d400eeecb9bd0b4347f3fe58f7f90fee source rpm: e2d01c31542ebbf8c740b820a6372ad1 PPC Power PC Platform: SuSE-7.1 The xntp packages for the SuSE-7.1 ppc distribution are currently pending for being built. They will be available on the ftp server as soon as they are built. The packages are gpg-signed using the key that should have been installed on your system upon system installation/upgrade. Use the command `rpm --checksig xntp.rpm´ to verify this signature once the packages are available for download. In the meanwhile, please use the temporary workaround as described above. SuSE-7.0 2d82e8f63df84cb409df7659437c1177 source rpm: a0bce6c36cf30da1aa587e03103a01f6 SuSE-6.4 fe9082268bdf53dddcaad075284f899b source rpm: 1940b97593e3e134487d294a721e350d ______________________________________________________________________________ 2) Pending vulnerabilities in SuSE Distributions and Workarounds: - kernel Please expect security updates of the Linux kernel soon. To resolve all currently known security problems in the Linux kernel, update the kernel manually to version 2.2.19 or wait until the SuSE update rpm packages for the supported distributions 6.3, 6.4, 7.0 and 7.1 are ready to be used and available for download. - more updates In addition to the kernel update, please expect more packages to see security updates. Currently, this involves vim, mc and sudo. - bind8 The update packages for the 7.0 sparc distribution is available. c7e2a95bd4b90d03207ffc3a9880c36c source rpm: 5d4d4b608f2a8a3e61f7dc6917254f4f The SuSE-7.1 sparc distribution was published after the bugs in bind8 were corrected. ______________________________________________________________________________ 3) standard appendix: SuSE runs two security mailing lists to which any interested party may subscribe: This email address is being protected from spambots. You need JavaScript enabled to view it. - general/linux/SuSE security discussion. All SuSE security announcements are sent to this list. To subscribe, send an email to . This email address is being protected from spambots. You need JavaScript enabled to view it. - SuSE's announce-only mailing list. Only SuSE's security annoucements are sent to this list. To subscribe, send an email to . For general information or the frequently asked questions (faq) send mail to: or respectively. ============================================== SuSE's security contact is . ============================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. SuSE GmbH makes no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048/3D25D3D9 1999/03/06 SuSE Security Team -----BEGIN PGP PUBLIC KEY BLOCK----- Version:2.6.3i mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12Cg==pIeS -----END PGP PUBLIC KEY BLOCK----- . A critical vulnerability in xntpd allows unauthorized remote root access. Apply updates immediately.. xntp Security, SuSE Advisory, Remote Access Security, Software Update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 09, 2001 Important SuSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorybuffer overflowSuSE

SuSE 6.2-7.0 Advisory: pam_smb Remote Root Access Threat (Severity 8)

Versions 1.1.5 and before contain a buffer overflow that would allow a remote attacker to gain root access on the target host.. -----BEGIN PGP SIGNED MESSAGE----- ______________________________________________________________________________ SuSE Security Announcement Package: pam_smb Date: Wednesday, September 13th, 2000 18:00 MEST Affected SuSE versions: 6.2, 6.3, 6.4, 7.0 Vulnerability Type: remote root compromise Severity (1-10): 8 SuSE default package: no Other affected systems: Linux systems using the pam_smb module Content of this advisory: 1) security vulnerability resolved: pam_smb problem description, discussion, solution and upgrade information 2) pending vulnerabilities, solutions, workarounds 3) standard appendix (further information) ______________________________________________________________________________ 1) problem description, brief discussion, solution, upgrade information pam_smb is a package for a PAM (Pluggable Authentication Modules) module that allows Linux/Unix user authentication using a Windows NT server. Versions 1.1.5 and before contain a buffer overflow that would allow a remote attacker to gain root access on the target host, provided that the target host has the module installed and configured. The bug was found by Shaun Clowes , and a new, fixed version of the package was promptly published by Dave Airlie , the author of the pam_smb package. SuSE distributions starting with SuSE-6.2 have the package pam_smb installed if a network server installation configuration has been selected or if the package has been selected manually. To find out if the PAM module is installed, use the command `rpm -q pam_smb'. If the module package is not installed, your host does not exhibit the weakness. If you do not use the pam_smb module, you can safelyremove it using the command `rpm -e pam_smb'. SuSE provides update packages with the latest version of pam_smb. If you do use the module, you should upgrade the package as soon as possible. There is currently no easy workaround for this problem other than a package upgrade. Download the update package from locations desribed below and install the package with the command `rpm -Fhv file.rpm'. The md5sum for each file is in the line below. You can verify the integrity of the rpm files using the command `rpm --checksig --nogpg file.rpm', independently from the md5 signatures below. i386 Intel Platform: SuSE-7.0 b5f7c7d92f9f023446a6ca3e73689aee source rpm: f56fa744add8ccdc9777f28475106148 SuSE-6.4 736c2fe5460724461b96d60b057bd4ab source rpm: fcfa4609d7d62c6fb0e1f03652dcaf56 SuSE-6.3 d5559e6f3474adcc041f7f8156cde15d source rpm: 4fecea0bdf9db5c97d20e0c1e6153663 SuSE-6.2 73258171e7837d2995b39ebeeb3a87ff source rpm: f8f6f03f3c15f2f3c38f30bd97164919 Sparc Platform: SuSE-7.0 9514dd4d6b54208468f0b5aca6ac51e4 source rpm: 22e8dc3e1b51a0f73e7451edd32dc824 AXP Alpha Platform: SuSE-6.4 58547d46f0d19a73f6df6dd60693379f source rpm: 5a14499e61e22607efd6f5a6700bf9f8 SuSE-6.3 b507bcffe74723c5e950af141e17dce5 source rpm: f9e692675604c2e1fad3567b394e12d6 PPC Power PC Platform: SuSE-6.4 4a098a9308e93f207fa908f6febd7800 source rpm: 7e13f60d71ecbda1fc4e3b3765a5ec35 ______________________________________________________________________________ 2) Pending vulnerabilities in SuSE Distributions and Workarounds: - zope Zope is contained in SuSE-7.0, i386 Intel and Sparc Platforms only. A permission problem can lead to users given extra roles for the duration of a single request by mutating the roles list as a part of the request processing. Please update the package from our ftp server using the commands as described above in section 1). Considering the moderate severity of the problem and the noise on the security mailing lists, we do not provide a seperate security advisory to address this problem. i386 Intel Platform: 472928c355c78c40973c01b9dc606adc source rpm: 9adbba630924b684458643f753d44832 Sparc Platform: SuSE-7.0 89358a5217ca6bb3c778cc0f2173d3fb source rpm: 9ce982884dc73e29bc60da3a00f3ab55 - xchat The xchat IRC client may be tricked to execute arbitrary commands if the user clicks on an URL. We will provide an update package shortly. Please note that this kind of problem is rather common and will be addressed soon in a future advisory for another package. - IMP IMP is a webmail application to allow users to read and write their email in a browser. Security problems have been found that would allow attackers to run arbitrary commands on the webserver running IMP. SuSE does not ship IMP or the Apache module "horde" that IMP is based on. ______________________________________________________________________________ 3) standard appendix: SuSE runs two security mailing lists to which any interested party may subscribe: This email address is being protected from spambots. You need JavaScript enabled to view it. - general/linux/SuSE security discussion. All SuSE security announcements are sent to this list. To subscribe, send an email to . This email address is being protected from spambots. You need JavaScript enabled to view it. - SuSE's announce-only mailing list. Only SuSE's security annoucements are sent to this list. To subscribe, send an email to . For general information or the frequently asked questions (faq) send mail to: or respectively. ============================================== SuSE's security contact is . ============================================== Regards, Roman Drahtmüller. - - -- - - | Roman Drahtmüller // "Caution: Cape does | SuSE GmbH - Security Phone: // not enable user to fly." | Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) | - - ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. SuSE GmbH makes no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048/3D25D3D9 1999/03/06 SuSE Security Team - -----BEGIN PGP PUBLIC KEY BLOCK----- Version:2.6.3i mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12Cg==pIeS - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQEVAwUBOb+lbHey5gA9JdPZAQGoaAf/Scih4DSvieaIS+nw1amDM4Z4ybO6IXyH h5V9Oc0pMoacPqN9eqRBgE9AfP2OekCYs4X27TbKpW5sRHZ9/H3ttF+FRrV+ImHe vCiLjc8tUnY6/yG5mHDTjMtSHpJNmpI1y8oj4VgWfkO9hZcXqP9k/vMblUBMxezi ZaYRYinPULRQ+CPPapOr5p7KMIx0qGVa9CfEQJpr0g4KFktbQrm5gbDCtEwFSb03 Wrkrfe+WTGqFYJ9zMBJZdn68J9dnjgMM7c/cRmzM9xr3LI0hfPnDCwa8kkLkKBq8 POwK59t2kzfODrBnfymvb/3AlQddt67qbFu3n0mlOoXR42qP1QJpRw==OYCm -----END PGP SIGNATURE----- . Resolved a significant memory corruption issue in pam_smb that allows external attackers to gain root access on SuSE systems. Urgent updating recommended.. SuSE Security Advisory,pam_smb Patch,Remote Root Exploit Fix,Linux Security Updates,System Vulnerability Mitigation. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 13, 2000 Critical SuSE
Banner 4 1028x280 1708121825 1771600306
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here