Alerts This Week
Warning Icon 1 535
Alerts This Week
Warning Icon 1 535

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -6 articles for you...
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisoryremote accessGentoo Linux

Gentoo: 202201-15 Critical: OpenSSL Vulnerability Exploit

A remote attacker can bypass the tcp-wrappers client authorization in net-snmp.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201001-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: net-snmp: Authorization bypass Date: January 13, 2010 Bugs: #250429 ID: 201001-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= A remote attacker can bypass the tcp-wrappers client authorization in net-snmp. Background ========= net-snmp bundles software for generating and retrieving SNMP data. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-analyzer/net-snmp < 5.4.2.1-r1 > = 5.4.2.1-r1 Description ========== The netsnmp_udp_fmtaddr() function (snmplib/snmpUDPDomain.c), when using TCP wrappers for client authorization, does not properly parse hosts.allow rules. Impact ===== A remote, unauthenticated attacker could bypass the ACL filtering, possibly resulting in the execution of arbitrary SNMP queries. Workaround ========= If possible, protect net-snmp with custom iptables rules: iptables -s [client] -d [host] -p udp --dport 161 -j ACCEPT iptables -s 0.0.0.0/0 -d [host] -p udp --dport 161 -j DROP Resolution ========= All net-snmp users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =net-analyzer/net-snmp-5.4.2.1-r1" References ========= [ 1 ] CVE-2008-6123 https://www.cve.org/CVERecord?id=CVE-2008-6123 Availability =========== This GLSA and any updates to it are available forviewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201001-05 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . A distant threat actor could potentially take advantage of net-snmp, resulting in an authorization flaw on Gentoo Linux systems. Update immediately!. Gentoo Linux, net-snmp exploit, remote attack prevention, tcp wrappers, security fix. . LinuxSecurity.com Team

Calendar 2 Jan 13, 2010 Gentoo
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorybug fixremote access

Red Hat Enterprise Linux: RHSA-2009:1321-02 Low: NFS-Utils Security Fix

An updated nfs-utils package that fixes a security issue and several bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team.. ==================================================================== Red Hat Security Advisory Synopsis: Low: nfs-utils security and bug fix update Advisory ID: RHSA-2009:1321-02 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2009:1321.html Issue date: 2009-09-02 Keywords: nfs-utils nfs CVE Names: CVE-2008-4552 ==================================================================== 1. Summary: An updated nfs-utils package that fixes a security issue and several bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Description: The nfs-utils package provides a daemon for the kernel NFS server and related tools. It was discovered that nfs-utils did not use tcp_wrappers correctly. Certain hosts access rules defined in "/etc/hosts.allow" and "/etc/hosts.deny" may not have been honored, possibly allowing remote attackers to bypass intended access restrictions. (CVE-2008-4552) This updated package also fixes the following bugs: * the "LOCKD_TCPPORT" and "LOCKD_UDPPORT" options in "/etc/sysconfig/nfs" were not honored: the lockd daemon continued to use random ports. With this update, these options are honored. (BZ#434795) * it was not possible to mount NFS file systems from a system that has the "/etc/" directory mounted on a read-only file system (this could occur on systems with an NFS-mounted root file system). With this update, it is possible to mount NFS file systems from a system that has "/etc/" mounted on a read-only filesystem. (BZ#450646) * arguments specified by "STATDARG=" in "/etc/sysconfig/nfs" were removed by the nfslock init script, meaning the arguments specified were never passed to rpc.statd. With this update, the nfslock init script no longer removes these arguments. (BZ#459591) * when mounting an NFS file system from a host not specified in the NFS server's "/etc/exports" file, a misleading "unknown host" error was logged on the server (the hostname lookup did not fail). With this update, a clearer error message is provided for these situations. (BZ#463578) * the nhfsstone benchmark utility did not work with NFS version 3 and 4. This update adds support to nhfsstone for NFS version 3 and 4. The new nhfsstone "-2", "-3", and "-4" options are used to select an NFS version (similar to nfsstat(8)). (BZ#465933) * the exportfs(8) manual page contained a spelling mistake, "djando", in the EXAMPLES section. (BZ#474848) * in some situations the NFS server incorrectly refused mounts to hosts that had a host alias in a NIS netgroup. (BZ#478952) * in some situations the NFS client used its cache, rather than using the latest version of a file or directory from a given export. This update adds a new mount option, "lookupcache=", which allows the NFS client to control how it caches files and directories. Note: The Red Hat Enterprise Linux 5.4 kernel update (the fourth regular update) must be installed in order to use the "lookupcache=" option. Also, "lookupcache=" is currently only available for NFS version 3. Support for NFS version 4 may be introduced in future Red Hat Enterprise Linux 5 updates. Refer to Red Hat Bugzilla #511312 for further information. (BZ#489335) Users of nfs-utils should upgrade to this updated package, which contains backported patches to correct these issues. After installing this update, the nfs service will be restarted automatically. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have beenapplied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at 5. Bugs fixed (http://bugzilla.redhat.com/): 434795 - lockd not using settings in sysconfig/nfs 450646 - /sbin/mount.nfs fails with read-only /etc 458676 - CVE-2008-4552 nfs-utils: incorrect use of tcp_wrappers, causing hostname-based rules to be ignored 459591 - rpc.statd options not correctly parsed 463578 - confusing 'mount request from unknown host' messages 465933 - nhfsstone does not support NFSv3 and v4 474848 - typo in exportfs manpage 489335 - Add support for lookupcache= option in nfs-utils. 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: i386: nfs-utils-1.0.9-42.el5.i386.rpm nfs-utils-debuginfo-1.0.9-42.el5.i386.rpm x86_64: nfs-utils-1.0.9-42.el5.x86_64.rpm nfs-utils-debuginfo-1.0.9-42.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: i386: nfs-utils-1.0.9-42.el5.i386.rpm nfs-utils-debuginfo-1.0.9-42.el5.i386.rpm ia64: nfs-utils-1.0.9-42.el5.ia64.rpm nfs-utils-debuginfo-1.0.9-42.el5.ia64.rpm ppc: nfs-utils-1.0.9-42.el5.ppc.rpm nfs-utils-debuginfo-1.0.9-42.el5.ppc.rpm s390x: nfs-utils-1.0.9-42.el5.s390x.rpm nfs-utils-debuginfo-1.0.9-42.el5.s390x.rpm x86_64: nfs-utils-1.0.9-42.el5.x86_64.rpm nfs-utils-debuginfo-1.0.9-42.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://www.cve.org/CVERecord?id=CVE-2008-4552 https://access.redhat.com/security/updates/classification#low 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2009 Red Hat, Inc. . Enhance your nfs-utils by implementing essential security patches and bug corrections from Red Hat to bolster system reliability.. nfs-utils Update, Red HatSecurity Fix, Low Impact Security Update. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Sep 02, 2009 Low Red Hat
Banner 4 1028x280 1708121825 1771600306
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisorymoderatesecurity update

Scientific Linux: 2008-1376 Moderate Security Advisory for Nfs-Utils

Moderate: nfs-utils security update. Date: Fri, 1 Aug 2008 15:57:36 -0500 Reply-To: Troy Dawson Sender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA for nfs-utils on SL5.x i386/x86_64 Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it." Synopsis: Moderate: nfs-utils security update Issue date: 2008-07-31 CVE Names: CVE-2008-1376 A flaw was found in the nfs-utils package build. The nfs-utils package was missing TCP wrappers support, which could result in an administrator believing they had access restrictions enabled when they did not. (CVE-2008-1376) SL 5.x SRPMS: nfs-utils-1.0.9-35z.el5_2.src.rpm i386: nfs-utils-1.0.9-35z.el5_2.i386.rpm x86_64: nfs-utils-1.0.9-35z.el5_2.x86_64.rpm -Connie Sieh -Troy Dawson . Significant patch released for nfs-utils mitigating security vulnerability that permits unauthorized access on Scientific Linux systems.. scientific linux,nfs-utils,security advisory,access control,tcp wrappers. . LinuxSecurity.com Team

Calendar 2 Aug 01, 2008 Scientific Linux
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here