Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryRed Hat Linuxcritical

Red Hat Linux 6.2/7.0: RHSA-2000:115-01 Critical: Ncurses Setuid Exploit

If you are any setuid applications that use ncurses and its cursor movementfunctionality, local users may gain access to the program's privileges.. ` --------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: New ncurses packages fixing buffer overrun available Advisory ID: RHSA-2000:115-01 Issue date: 2000-11-23 Updated on: 2000-11-23 Product: Red Hat Linux Keywords: ncurses buffer overrun exploit setuid Cross references: N/A --------------------------------------------------------------------- 1. Topic: If you are any setuid applications that use ncurses and its cursor movement functionality, local users may gain access to the program's privileges. 2. Relevant releases/architectures: Red Hat Linux 6.2 - i386, alpha, sparc Red Hat Linux 6.2EE - i386, alpha, sparc Red Hat Linux 7.0 - i386 3. Problem description: There used to be an overflowable buffer in the part of the ncurses library handling cursor movement. Attackers can force a privileged application to use their own termcap file containing a special terminal entry which will trigger the ncurses vulnerability, allowing them to execute arbitrary code with the privileges of the exploited binary. 4. Solution: For each RPM for your particular architecture, run: rpm -Fvh [filename] where filename is the name of the RPM. 5. Bug IDs fixed ( for more info): 20809 - ncurses allows local privilege escalation 6. RPMs required: Red Hat Linux 6.2: alpha: sparc: i386: sources: Red Hat Linux 7.0: i386: sources: 7. Verification: MD5 sum Package Name -------------------------------------------------------------------------- 268df5613b61b146b8cae1c59369c0b7 6.2/SRPMS/ncurses-5.0-12.src.rpm 1decbd07374fd9fb7ae5a12641d2667b 6.2/alpha/ncurses-5.0-12.alpha.rpm ed52d2bad06cee2cec081bb889a5e363 6.2/alpha/ncurses-devel-5.0-12.alpha.rpm d401a0317132c114a75dfeefb881f66c 6.2/i386/ncurses-5.0-12.i386.rpm bc84ee23b1b8f960a0911a5388c52d24 6.2/i386/ncurses-devel-5.0-12.i386.rpm 654eca10b3b44afef783c39da3b254dc 6.2/sparc/ncurses-5.0-12.sparc.rpm e273dd6e88899781bcc7441e7505de5c 6.2/sparc/ncurses-devel-5.0-12.sparc.rpm 4444a46c15c28db246b191daf4f3dfde 7.0/SRPMS/ncurses-5.2-2.src.rpm 9affe6c75ae33d616ea695766c10e44e 7.0/i386/ncurses-5.2-2.i386.rpm a555ec460de5650c4a2c42abc5de838c 7.0/i386/ncurses-devel-5.2-2.i386.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: You can verify each package with the following command: rpm --checksig If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg 8. References: N/A Copyright(c) 2000 Red Hat, Inc. `. A significant vulnerability in ncurses could allow local privilege escalation, jeopardizing setuid applications. Secure your systems by updating promptly.. Red Hat Advisory, ncurses Security, Setuid Exploit, Software Package Update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Nov 26, 2000 Critical Red Hat
87
Ls Advisories Debian Esm H240
Price Tag 1security advisoryDebianlocal exploit

Debian: Critical Advisory - glibc Local Exploit Severity: Critical

Recently two problems have been found in the glibc suite, which could beused to trick setuid applications to run arbitrary code. . -----BEGIN PGP SIGNED MESSAGE------ ------------------------------------------------------------------------Debian Security Advisory This email address is being protected from spambots. You need JavaScript enabled to view it. Debian -- Security Information Wichert Akkerman September 2, 2000 - ------------------------------------------------------------------------ Package: glibc Vulnerability: local exploit Debian-specific: no Recently two problems have been found in the glibc suite, which could be used to trick setuid applications to run arbitrary code. The first problem is the way ld.so handles environment variables: in order to provide a safe environment for setuid applications it removes certain the environment variables that can influence application execution such as LD_PRELOAD and LD_LIBRARY_PATH. Unfortunately there was a bug that could cause ld.so to not remove them under some conditions. This would affect setuid applications if they execute another binary without dropping privileges or cleaning up the environment themselves. The second problem is the locale handling in glibc. glibc checks for characters like `/' in the LANG and LC_* environment variables to see if someone is trying to trick a program into reading arbitrary files. Unfortunately there were some logic errors in those checks which could be used to make a setuid application use arbitrary files for localization settings, which can be exploited to trick it into executing arbitrary code. These problems have been fixed in version 2.1.3-13, and we recommend that you upgrade your glibc package immediately. wget url will fetch the file for you dpkg -i file.deb will install the referenced file. You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 2.1 alias slink - ------------------------------------ No update is available for slink; we will release an advisory with more information about this release later. Debian GNU/Linux 2.2 alias potato - ------------------------------------ Potato was released for the alpha, arm, i386, m68k, powerpc and sparc architectures. At this moment packages for m68k are not yet available. As soon as they are ready we will put them online and list them on the security pages at Debian -- Security Information Source archives: MD5 checksum: 70fcaf79c3c1e84c6bb18c579784b062 MD5 checksum: fd82c79e94f4adfacad7ac7e10a82850 MD5 checksum: aea1bb5c28f793013153d1b8f91eb746 Architecture indendent archives: MD5 checksum: 715d058a21da37459873fa9810f8ac80 MD5 checksum: 6c90c6b465428d76ed7292258f11b5b6 Alpha architecture: MD5 checksum: 9b3766a8c636e0475eb1123227d6efd5 MD5 checksum: cee532947e5169b21309ac8a2175e28c MD5 checksum: 34bdaa22187f7fb28bde26980f288663 MD5 checksum: 9caab3a0d2965defc917a3f7d639cb67 MD5 checksum: bd80fa7df7b35298b03fa86ed4eddb58 MD5 checksum: ffa9525ee030d7d1314db3b052e5df1f MD5 checksum: a2b2b33cf960cf826edc3aa5387e7d27 MD5 checksum: ed04bda8579a4ec939e8ee09942f7b1f ARM architecture: MD5 checksum: da2b951b1ffe58526e5c9a032ef5f73c MD5 checksum: 771857d6aab61fc88da0c8e740421690 MD5 checksum: 63d85ff2300b43fd1dc5617b09bbd213 MD5 checksum: 8584f4af0aa50edf32a447efd0a31c65 MD5 checksum: 15364347a059937f66c73fcf08d1dd46 MD5 checksum: 4d0d0f3138e6f7634079deebc010a239 MD5 checksum: da07801bb41e66e753999b1b2d932084 Intel ia32 architecture: MD5 checksum: 5f807f96733f5e20f5b96c41db83b213 MD5 checksum: 706320b902f75df49648807260cfbedc MD5 checksum: 640caa2b950660108554aa775222c753 MD5 checksum: d63917ecf3baffefef63f3192d92c0d3 MD5 checksum: 4fa5f5586c96ac8e77519324326268af MD5 checksum: 5a0ba8bfdd1909f1b999b672761c23ad MD5 checksum: ba677879a912e15d72abac4026c0385f MD5 checksum: ae98fbe3e00aa8be3700622e7d84ff2b PowerPC architecture: MD5 checksum: 555aad39f66aacd796a770a0a03016be MD5 checksum: 4fbd5aefb34c2081dc1e7f0e02ff5ae7 MD5 checksum: 7056a4bade2e2826a440c5308217b6f2 MD5 checksum: ec364dba9a60cd0a030549a1b9a17389 MD5 checksum: cfc05198b7db0184543170d98c43d415 MD5 checksum: 572422ea41d70bec2e4fb2c979f539b8 MD5 checksum: e4875824d6e56fb71bec517368643e07 Sun Sparc architecture: MD5 checksum: a6ce8fc46495d37666fc3ffa41c928ec MD5 checksum: 0450318920b99f6f9f2f11b7c1c6ffe2 MD5 checksum: 8c47c80ded91aba75127da261821a92a MD5 checksum: f48e298dbf9bda280dd3deb0f32b1796 MD5 checksum: 27df020bfceab1c066477cc9150d22c2 MD5 checksum: 9358612ba28d43d1a101715eeafce758 MD5 checksum: f86593fd83626b59d0675323dbdc698f For not yet released architectures please refer to the appropriate directory . - -- - ----------------------------------------------------------------------------For apt-get: deb Debian -- Security Information stable/updates main dpkg - dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. -----BEGIN PGP SIGNATURE-----Version: 2.6.3ia Charset: noconv iQB1AwUBObEoLKjZR/ntlUftAQHf0gL+PFcffgnczWkFzcl6eXP8I3I7GBMdLUrq 0EfUi9c6Y0VGbGNIocDuh87Md8aYHBXusNIymrvI25qdwizrcZwdooTQka7SelRe 8A6uT+f2WgxTrMKnmVUyrYiYcyDlKRkJ =fAUV -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE------ ----------------------------------------------------------------. recently, problems, found, glibc, suite, which, beused, trick, setuid, applica. . Severity: Critical.LinuxSecurity.com Team

Calendar 2 Sep 02, 2000 Critical Debian
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here