Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorygentoolow severity

Gentoo: 200502-21 Low Severity: Lighttpd Script Source Exposure

An attacker can trick lighttpd into revealing the source of scripts that should be executed as CGI or FastCGI applications.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200502-21 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: lighttpd: Script source disclosure Date: February 15, 2005 Bugs: #81776 ID: 200502-21 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= An attacker can trick lighttpd into revealing the source of scripts that should be executed as CGI or FastCGI applications. Background ========= lighttpd is a small-footprint, fast, compliant and very flexible web-server which is optimized for high-performance environments. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-servers/lighttpd < 1.3.10-r1 > = 1.3.10-r1 Description ========== lighttpd uses file extensions to determine which elements are programs that should be executed and which are static pages that should be sent as-is. By appending %00 to the filename, you can evade the extension detection mechanism while still accessing the file. Impact ===== A remote attacker could send specific queries and access the source of scripts that should have been executed as CGI or FastCGI applications. Workaround ========= There is no known workaround at this time. Resolution ========= All lighttpd users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =www-servers/lighttpd-1.3.10-r1" References ========= [ 1 ] lighttpd-announceAdvisory Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/200502-21 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org/. License ====== Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.0/ . Gentoo GLSA 202001-15 announces a minor risk concerning nginx configuration flaws that could lead to unauthorized access and exploitation opportunities.. lighttpd security, gentoo advisory, script exposure, low severity issue. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Feb 15, 2005 Low Gentoo
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorysecurity issuecritical

Debian: DSA 225-1 Critical: Tomcat Source Exposure Remote Access

A security vulnerability exists in Apache Tomcat 4.0.x releases, which allows a specially crafted URL to return the unprocessed source of a JSP page without the need for being properly authenticated.. -------------------------------------------------------------------------- Debian Security Advisory DSA 225-1 This email address is being protected from spambots. You need JavaScript enabled to view it. Debian -- Security Information Martin Schulze January 9th, 2002 Debian -- Debian security FAQ -------------------------------------------------------------------------- Package : tomcat4 Vulnerability : source disclosure Problem-Type : remote Debian-specific: no CVE Id : CAN-2002-1394 A security vulnerability has been confirmed to exist in Apache Tomcat 4.0.x releases, which allows to use a specially crafted URL to return the unprocessed source of a JSP page, or, under special circumstances, a static resource which would otherwise have been protected by a security constraint, without the need for being properly authenticated. This is based on a variant of the exploit that was identified as CAN-2002-1148. For the current stable distribution (woody) this problem has been fixed in version 4.0.3-3woody2. The old stable distribution (potato) does not contain tomcat packages. For the unstable distribution (sid) this problem does not exist in the current version 4.1.16-1. We recommend that you upgrade your tomcat packages. Installation Instructions ------------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody -------------------------------- Source archives: Size/MD5 checksum: 708 0911f7c03a0ab71133fbe95bf45d0d20 Size/MD5 checksum: 15881 de9f6f0fb39374bfe4ece1ef4824d942 Size/MD5 checksum: 1588186 2b2e0d859f7152e5225633933e6585d6 Architecture independent components: Size/MD5 checksum: 1134258 680c67daebdd36eb879ce593e6362f3b Size/MD5 checksum: 1167502 34f71826d8441f967e3da0ee4ab9a1be Size/MD5 checksum: 126444 e7dbc07086a7e349474bff877342cb6d These files will probably be moved into the stable distribution on its next revision. --------------------------------------------------------------------------------- For apt-get: deb Debian -- Security Information stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. Package info: `apt-cache show ' and https://www.debian.org/distrib/packages . Immediate alert for Debian users regarding Apache Tomcat security flaw. Prompt action recommended.. Debian Security Advisory, Tomcat Update, Source Exposure Issues, Remote Access Threat. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jan 09, 2003 Critical Debian
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here