Stay Secure with the Latest Linux Advisories


Gentoo: 200404-18 High: SSMTP Format String Exploit Risk

There are multiple format string vulnerabilities in the SSMTP package, which may allow an attacker to run arbitrary code with ssmtp's privileges (potentially root).

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200404-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: High
     Title: Multiple Vulnerabilities in ssmtp
      Date: April 26, 2004
      Bugs: #47918, #48435
        ID: 200404-18

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

There are multiple format string vulnerabilities in the SSMTP package, which may allow an attacker to run arbitrary code with ssmtp's privileges (potentially root).

Background
==========

SSMTP is a very simple mail transfer agent (MTA) that relays mail from the local machine to another SMTP host. It is not designed to function as a full mail server; its sole purpose is to relay mail.

Affected packages
=================

    -------------------------------------------------------------------
     Package  /  Vulnerable  /  Unaffected
    -------------------------------------------------------------------
  1  net-mail/ssmtp  = 2.60.7

Description
===========

There are two format string vulnerabilities inside the log_event() and die() functions of ssmtp. Strings from outside ssmtp are passed to various printf()-like functions from within log_event() and die() as format strings. An attacker could cause a specially-crafted string to be passed to these functions, and potentially cause ssmtp to execute arbitrary code.

Impact
======

If ssmtp connects to a malicious mail relay server, this vulnerability can be used to execute code with the rights of the mail sender, including root.

Workaround
==========

There is no known workaround at this time. All users are advised to upgrade to the latest available version of ssmtp.

Resolution
==========

All users are advised to upgrade to the latest available version of ssmtp.

    # emerge sync

    # emerge -pv ">=net-mail/ssmtp-2.60.7"
    # emerge ">=net-mail/ssmtp-2.60.7"

References
==========

  [ 1 ] Secunia Advisory
        https://www.flexera.com/products/security/software-vulnerability-research/secunia-research
  [ 2 ] CVE Reference
        https://www.cve.org/CVERecord?id=CAN-2004-0156
  [ 3 ] Debian Advisory
        https://lists.debian.org/debian-security-announce/2004/msg00084.html

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    https://security.gentoo.org/glsa/200404-18

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address hidden] or alternatively, you may file a bug at https://bugs.gentoo.org/.

License
=======

Copyright 2004 Gentoo Technologies, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/1.0/

A series of formatting vulnerabilities in the SSMTP software could enable malicious users to run arbitrary commands with root access.

LinuxSecurity.com Team

Apr 26, 2004 | Gentoo

Debian: DSA 486-1 Important: SSMTP Format String Exploit Threat

These vulnerabilities could potentially be exploited by a remote mail relay to gain the privileges of the ssmtp process (including potentially root).

--------------------------------------------------------------------------
Debian Security Advisory DSA 485-1                  [email address hidden]
Debian -- Security Information                              Matt Zimmerman
April 14th, 2004                             Debian -- Debian security FAQ
--------------------------------------------------------------------------

Package        : ssmtp
Vulnerability  : format string
Problem-Type   : remote
Debian-specific: no
CVE Ids        : CAN-2004-0156

Max Vozeler discovered two format string vulnerabilities in ssmtp, a simple mail transport agent. Untrusted values in the functions die() and log_event() were passed to printf-like functions as format strings. These vulnerabilities could potentially be exploited by a remote mail relay to gain the privileges of the ssmtp process (including potentially root).

For the current stable distribution (woody) this problem will be fixed in version 2.50.6.1.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you update your ssmtp package.

Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
--------------------------------

These files will probably be moved into the stable distribution on its next revision.

---------------------------------------------------------------------------------
For apt-get: deb Debian -- Security Information stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: [email address hidden]
Package info: `apt-cache show ' and https://www.debian.org/distrib/packages

Debian advisory DSA 486-1 addresses critical ssmtp format string issue needing urgent updates to mitigate risks.

Severity: Important.

LinuxSecurity.com Team

Apr 15, 2004 | Important | Debian
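
Both advisories above describe the same defect: untrusted strings reaching printf()-like functions as format strings from inside log_event() and die(). The C program below is an added example, not ssmtp's source or either distribution's patch; sink(), log_event_unsafe(), log_event_safe() and the relay reply are constructed names and data chosen for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

static char record[256];   /* constructed stand-in for the syslog record */
/* printf-like sink with the same shape as syslog(3): format, then args. */
static void sink(const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(record, sizeof record, fmt, ap);
    va_end(ap);
}

/* VULNERABLE: expands the caller's format once, then passes the result to
 * the sink as a format, so text from the relay is parsed a second time. */
static const char *log_event_unsafe(const char *fmt, ...)
{
    char buf[256];
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(buf, sizeof buf, fmt, ap);
    va_end(ap);
    sink(buf);             /* untrusted data used as the format string */
    return record;
}

/* HARDENED: the sink's format is a constant and buf is only an argument.
 * The attribute makes gcc/clang check each caller's format string too. */
__attribute__((format(printf, 1, 2)))
static const char *log_event_safe(const char *fmt, ...)
{
    char buf[256];
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(buf, sizeof buf, fmt, ap);
    va_end(ap);
    sink("%s", buf);
    return record;
}

/* Constructed reply; "%%" takes no argument, so re-parsing it is benign. */
static const char relay_reply[] = "550 quota 100%% full";
int main(void)
{
    printf("unsafe: %s\n", log_event_unsafe("relay: %s", relay_reply));
    printf("safe:   %s\n", log_event_safe("relay: %s", relay_reply));
    return strcmp(record, "relay: 550 quota 100%% full") != 0;
}
```

The unsafe wrapper logs the reply with "%%" collapsed to "%", which shows the relay's text was interpreted as a format; the hardened wrapper logs it byte for byte. glibc declares syslog(3) as printf-like, so building with -Wformat -Wformat-security flags a call that passes a buffer as its format.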