
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Gentoo: GLSA-202109-08 Critical: Mozilla Firefox Arbitrary Code Execution

Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201707-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: Adobe Flash Player: Multiple vulnerabilities
     Date: July 21, 2017
     Bugs: #621680, #624620
       ID: 201707-15

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code.

Background
==========

The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites.

Affected packages
=================

    -------------------------------------------------------------------
     Package                  /    Vulnerable    /          Unaffected
    -------------------------------------------------------------------
  1  www-plugins/adobe-flash      < 26.0.0.137           >= 26.0.0.137

Description
===========

Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details.

Impact
======

A remote attacker could possibly execute arbitrary code with the privileges of the process or bypass security restrictions.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Adobe Flash users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-26.0.0.137"

References
==========

[ 1 ] CVE-2017-3075
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3075
[ 2 ] CVE-2017-3076
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3076
[ 3 ] CVE-2017-3077
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3077
[ 4 ] CVE-2017-3078
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3078
[ 5 ] CVE-2017-3079
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3079
[ 6 ] CVE-2017-3080
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3080
[ 7 ] CVE-2017-3081
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3081
[ 8 ] CVE-2017-3082
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3082
[ 9 ] CVE-2017-3083
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3083
[ 10 ] CVE-2017-3084
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3084
[ 11 ] CVE-2017-3099
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3099
[ 12 ] CVE-2017-3100
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3100

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

 https://security.gentoo.org/glsa/201707-15

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address redacted by the site] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5
LinuxSecurity.com Team

Jul 22, 2017 Gentoo

Ubuntu 12.10 LTS: USN-1642-1 Critical Lynx Issues Detected

Two security issues were fixed in Lynx.

==========================================================================
Ubuntu Security Notice USN-1642-1
November 29, 2012

lynx-cur vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 10.04 LTS

Summary:

Two security issues were fixed in Lynx.

Software Description:
- lynx-cur: Text-mode WWW Browser with NLS support

Details:

Dan Rosenberg discovered a heap-based buffer overflow in Lynx. If a user were tricked into opening a specially crafted page, a remote attacker could cause a denial of service via application crash, or possibly execute arbitrary code as the user invoking the program. This issue only affected Ubuntu 10.04 LTS. (CVE-2010-2810)

It was discovered that Lynx did not properly verify that an HTTPS certificate was signed by a trusted certificate authority. This could allow an attacker to perform a "man in the middle" (MITM) attack which would make the user believe their connection is secure, but is actually being monitored. This update changes the behavior of Lynx such that self-signed certificates no longer validate. Users requiring the previous behavior can use the 'FORCE_SSL_PROMPT' option in lynx.cfg. (CVE-2012-5821)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.10:
  lynx-cur 2.8.8dev.12-2ubuntu0.1

Ubuntu 12.04 LTS:
  lynx-cur 2.8.8dev.9-2ubuntu0.12.04.1

Ubuntu 11.10:
  lynx-cur 2.8.8dev.9-2ubuntu0.11.10.1

Ubuntu 10.04 LTS:
  lynx-cur 2.8.8dev.2-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-1642-1
  CVE-2010-2810, CVE-2012-5821

Package Information:
  https://launchpad.net/ubuntu/+source/lynx-cur/2.8.8dev.12-2ubuntu0.1
  https://launchpad.net/ubuntu/+source/lynx-cur/2.8.8dev.9-2ubuntu0.12.04.1
  https://launchpad.net/ubuntu/+source/lynx-cur/2.8.8dev.9-2ubuntu0.11.10.1
  https://launchpad.net/ubuntu/+source/lynx-cur/2.8.8dev.2-1ubuntu0.1

Severity: Critical.
LinuxSecurity.com Team

Nov 29, 2012 Critical Ubuntu

Scientific Linux 6.x OpenOffice.org Critical Remote Code Exec CVE-2010-3450

Important: openoffice.org security and bug fix update.

Date: Fri, 4 Mar 2011 14:53:47 -0600
Reply-To: Troy Dawson
Sender: Security Errata for Scientific Linux
From: Troy Dawson
Subject: Security ERRATA Important: openoffice.org on SL6.x i386/x86_64
Comments: To: [email address redacted by the site]

Synopsis: Important: openoffice.org security and bug fix update
Issue date: 2011-01-28
CVE Names: CVE-2010-3450 CVE-2010-3451 CVE-2010-3452 CVE-2010-3453 CVE-2010-3454 CVE-2010-3689 CVE-2010-4253 CVE-2010-4643

An array index error and an integer signedness error were found in the way OpenOffice.org parsed certain Rich Text Format (RTF) files. An attacker could use these flaws to create a specially-crafted RTF file that, when opened, would cause OpenOffice.org to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org. (CVE-2010-3451, CVE-2010-3452)

A heap-based buffer overflow flaw and an array index error were found in the way OpenOffice.org parsed certain Microsoft Office Word documents. An attacker could use these flaws to create a specially-crafted Microsoft Office Word document that, when opened, would cause OpenOffice.org to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org. (CVE-2010-3453, CVE-2010-3454)

A heap-based buffer overflow flaw was found in the way OpenOffice.org parsed certain Microsoft Office PowerPoint files. An attacker could use this flaw to create a specially-crafted Microsoft Office PowerPoint file that, when opened, would cause OpenOffice.org to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org. (CVE-2010-4253)

A heap-based buffer overflow flaw was found in the way OpenOffice.org parsed certain TARGA (Truevision TGA) files. An attacker could use this flaw to create a specially-crafted TARGA file. If a document containing this specially-crafted TARGA file was opened, or if a user tried to insert the file into an existing document, it would cause OpenOffice.org to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org. (CVE-2010-4643)

A directory traversal flaw was found in the way OpenOffice.org handled the installation of XSLT filter descriptions packaged in Java Archive (JAR) files, as well as the installation of OpenOffice.org Extension (.oxt) files. An attacker could use these flaws to create a specially-crafted XSLT filter description or extension file that, when opened, would cause the OpenOffice.org Extension Manager to modify files accessible to the user installing the JAR or extension file. (CVE-2010-3450)

A flaw was found in the script that launches OpenOffice.org. In some situations, a "." character could be included in the LD_LIBRARY_PATH variable, allowing a local attacker to execute arbitrary code with the privileges of the user running OpenOffice.org, if that user ran OpenOffice.org from within an attacker-controlled directory. (CVE-2010-3689)

This update also fixes the following bug:

* OpenOffice.org did not create a lock file when opening a file that was on a share mounted via SFTP. Additionally, if there was a lock file, it was ignored. This could result in data loss if a file in this situation was opened simultaneously by another user. (BZ#671087)

All running instances of OpenOffice.org applications must be restarted for this update to take effect.
SL 6.x

  SRPMS:
    openoffice.org-3.2.1-19.6.el6_0.5.src.rpm

-Connie Sieh
-Troy Dawson

Severity: Critical.
LinuxSecurity.com Team

Mar 04, 2011 Critical Scientific Linux

Red Hat 3: RHSA-2005:472-01 Critical: Important Kernel Security Update

Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 3 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team.

- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Important: kernel security update
Advisory ID:       RHSA-2005:472-01
Advisory URL:      https://access.redhat.com/errata/RHSA-2005:472.html
Issue date:        2005-05-25
Updated on:        2005-05-25
Product:           Red Hat Enterprise Linux
Obsoletes:         RHSA-2005:294
CVE Names:         CAN-2004-0491 CAN-2005-0176 CAN-2005-1263
- ---------------------------------------------------------------------

1. Summary:

Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 3 kernel are now available.

This security advisory has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

These new kernel packages contain fixes for the three security issues described below as well as an important fix for a problem that could lead to data corruption on x86-architecture SMP systems with greater than 4GB of memory through heavy usage of multi-threaded applications.

A flaw between execve() syscall handling and core dumping of ELF-format executables allowed local unprivileged users to cause a denial of service (system crash) or possibly gain privileges. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-1263 to this issue.

A flaw in shared memory locking allowed local unprivileged users to lock and unlock regions of shared memory segments they did not own (CAN-2005-0176).

A flaw in the locking of SysV IPC shared memory regions allowed local unprivileged users to bypass their RLIMIT_MEMLOCK resource limit (CAN-2004-0491).

Note: The kernel-unsupported package contains various drivers and modules that are unsupported and therefore might contain security problems that have not been addressed.

All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.

Please also consult the RHEL3 Update 5 advisory RHSA-2005:294 for the complete list of features added and bugs fixed in U5, which was released only a week prior to this security update.

4. Solution:

Before applying this update, make sure that all previously released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

    up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

    https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

126411 - CAN-2004-0491 mlock accounting issue
141394 - Memory corruption with kernel 2.4.21-27.EL
141905 - kernel 2.4.21-25.ELsmp panic (kscand)
142802 - CAN-2005-0176 unlock someone elses ipc memory
149087 - Kernel panic regression in 2.4.21-27.0.2.ELsmp
157451 - CAN-2005-1263 Linux kernel ELF core dump crash vulnerability

6.
RPMs required:
kernel-doc-2.4.21-32.0.1.EL.ia64.rpm d275d6c615cb3412e45aa4d78ace1749 kernel-source-2.4.21-32.0.1.EL.ia64.rpm d678c9224c56f5bc1e83cdaddf90b419 kernel-unsupported-2.4.21-32.0.1.EL.ia64.rpm x86_64: d532f04df3c0564483d86dd4e1705096 kernel-2.4.21-32.0.1.EL.ia32e.rpm 8a2779b71f5d106f65a45857f0632755 kernel-2.4.21-32.0.1.EL.x86_64.rpm e5c7ea7acd1a1f66ce323d709ad193e9 kernel-doc-2.4.21-32.0.1.EL.x86_64.rpm bc742330f75227eb12797af9ff926f47 kernel-smp-2.4.21-32.0.1.EL.x86_64.rpm c1f5b201f8f558e8630e849f6d51e596 kernel-smp-unsupported-2.4.21-32.0.1.EL.x86_64.rpm 1d6e7647f79c50e46dd536ace43fa781 kernel-source-2.4.21-32.0.1.EL.x86_64.rpm 8520b785bb89fb1d2727e5d3dabd90d1 kernel-unsupported-2.4.21-32.0.1.EL.ia32e.rpm cf1d9a17cd60efea252f414a537b7feb kernel-unsupported-2.4.21-32.0.1.EL.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: a3294ea2b31db1bf71ede79779154f38 kernel-2.4.21-32.0.1.EL.src.rpm i386: f30e36f4f0ab84d2e769e93829aa2d20 kernel-2.4.21-32.0.1.EL.athlon.rpm 8f7eec82049385001ae13568757a1bfa kernel-2.4.21-32.0.1.EL.i686.rpm 8a8c57c90c0a9f5c34f967a4e21248f9 kernel-BOOT-2.4.21-32.0.1.EL.i386.rpm c758821e238e5071adf2882b0bf57753 kernel-doc-2.4.21-32.0.1.EL.i386.rpm 8393b9131dce3de5227d38ab93330a0e kernel-hugemem-2.4.21-32.0.1.EL.i686.rpm f4a85b153deaf0e452a8588592838a99 kernel-hugemem-unsupported-2.4.21-32.0.1.EL.i686.rpm c779afc884615fd6acc4a808db06ac41 kernel-smp-2.4.21-32.0.1.EL.athlon.rpm 074d57f89eae848e55970fb792b760bb kernel-smp-2.4.21-32.0.1.EL.i686.rpm 616020364fcea7e7096bd62801e79fc4 kernel-smp-unsupported-2.4.21-32.0.1.EL.athlon.rpm c3334ea418483f996ebeeb162ed70cef kernel-smp-unsupported-2.4.21-32.0.1.EL.i686.rpm cddaf98d731e7f56a3de6d99d526368c kernel-source-2.4.21-32.0.1.EL.i386.rpm 3eda75e78526882c03fd1dc10547aeed kernel-unsupported-2.4.21-32.0.1.EL.athlon.rpm b472ffdcda9b6f22464a16065380dfb9 kernel-unsupported-2.4.21-32.0.1.EL.i686.rpm ia64: c10a00a0548076ea502106afac33e63a kernel-2.4.21-32.0.1.EL.ia64.rpm 0ba08af2b5d5f5b1c00250e6d350e793 
kernel-doc-2.4.21-32.0.1.EL.ia64.rpm d275d6c615cb3412e45aa4d78ace1749 kernel-source-2.4.21-32.0.1.EL.ia64.rpm d678c9224c56f5bc1e83cdaddf90b419 kernel-unsupported-2.4.21-32.0.1.EL.ia64.rpm x86_64: d532f04df3c0564483d86dd4e1705096 kernel-2.4.21-32.0.1.EL.ia32e.rpm 8a2779b71f5d106f65a45857f0632755 kernel-2.4.21-32.0.1.EL.x86_64.rpm e5c7ea7acd1a1f66ce323d709ad193e9 kernel-doc-2.4.21-32.0.1.EL.x86_64.rpm bc742330f75227eb12797af9ff926f47 kernel-smp-2.4.21-32.0.1.EL.x86_64.rpm c1f5b201f8f558e8630e849f6d51e596 kernel-smp-unsupported-2.4.21-32.0.1.EL.x86_64.rpm 1d6e7647f79c50e46dd536ace43fa781 kernel-source-2.4.21-32.0.1.EL.x86_64.rpm 8520b785bb89fb1d2727e5d3dabd90d1 kernel-unsupported-2.4.21-32.0.1.EL.ia32e.rpm cf1d9a17cd60efea252f414a537b7feb kernel-unsupported-2.4.21-32.0.1.EL.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://www.cve.org/CVERecord?id=CVE-CAN-2004-0491 https://www.cve.org/CVERecord?id=CVE-CAN-2005-0176 https://www.cve.org/CVERecord?id=CVE-CAN-2005-1263 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. . Critical kernel updates released for key security vulnerabilities in Red Hat Enterprise Linux 3, resolving several potential risks.. Kernel Update, Red Hat Security, Package Update, System Integrity, Security Issues. . Severity: Important. LinuxSecurity.com Team

May 25, 2005 Important Red Hat

Debian GNU/Linux: DSA-2021:1234-1 Important: LibX11 Security Vulnerability

Esound, the Gnome sound server, contains a race condition that a malicious user could exploit to change permissions of any file owned by the esound user.

---------------------------------------------------------------------
Red Hat, Inc. Security Advisory

Synopsis: esound contains a race condition
Advisory ID: RHSA-2000:077-03
Issue date: 2000-10-06
Updated on: 2000-10-06
Product: Red Hat Linux
Keywords: esound security esd socket Gnome
Cross references: N/A
---------------------------------------------------------------------

1. Topic:

Esound, the Gnome sound server, contains a race condition that a malicious user could exploit to change permissions of any file owned by the esound user.

2. Relevant releases/architectures:

Red Hat Linux 6.0 - i386, alpha, sparc
Red Hat Linux 6.1 - i386, alpha, sparc
Red Hat Linux 6.2 - i386, alpha, sparc
Red Hat Linux 6.2EE - i386, alpha, sparc
Red Hat Linux 7.0 - i386
Red Hat Linux 7.0J - i386

3. Problem description:

Esound, the sound daemon used for Gnome, creates a world-writable directory, /tmp/.esd. This directory is owned by the user running esound, and is used to store a socket which is used by programs connecting to the sound server. During startup, this socket's permissions are adjusted. An attacker on the system can theoretically create a symbolic link, and cause any file or directory owned by the user running esound to be made world writable. The new packages fix this race condition.

4. Solution:

For each RPM for your particular architecture, run:

    rpm -Fvh [filename]

where filename is the name of the RPM. All active Gnome sessions should also be restarted after the upgrade is applied.

5. Bug IDs fixed ( for more info):

N/A

6. RPMs required:

Red Hat Linux 6.x: alpha: sparc: i386: sources:
Red Hat Linux 7.0: i386: sources:

7. Verification:

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:

You can verify each package with the following command:

    rpm --checksig

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

    rpm --checksig --nogpg

8. References:

BugTraq ID: 1659 ()

Copyright(c) 2000 Red Hat, Inc.

The weakness in Xsound enables unapproved users to alter file accessibility settings. Urgent patches are essential to maintain protection on Fedora systems. Esound Exploit, Red Hat Linux, Permissions Management. Severity: Important. LinuxSecurity.com Team

Oct 06, 2000 Important Red Hat

Fedora: Essential Patch Needed for xinetd Remote Exploit Vulnerability

The way in.identd is started by inetd from a standard /etc/inetd.conf on a SuSE Linux distribution may be exploited to mount a Denial-of-Service attack against the system. When inetd starts in.identd with the "wait" flag and the "-w -t120" options, the in.identd will start to listen on the well known port while inetd deactivates its own listener for the time in.identd is alive.

______________________________________________________________________________
SuSE Security Announcement

Package: netcfg-x.x.x-x
Date: Tue Aug 25 07:10:09 MEST 1999
Affected: all Unix systems using auth daemon w/o resource control
______________________________________________________________________________

A security hole was discovered in the package mentioned above. Please update as soon as possible or disable the service if you are using this software on your SuSE Linux installation(s).

Other Linux distributions or operating systems might be affected as well, please contact your vendor for information about this issue.

Please note that we provide this information on an "as-is" basis only. There is no warranty whatsoever and no liability for any direct, indirect or incidental damage arising from this information or the installation of the update package.
______________________________________________________________________________

1. Problem Description

The way in.identd is started by inetd from a standard /etc/inetd.conf on a SuSE Linux distribution may be exploited to mount a Denial-of-Service attack against the system. When inetd starts in.identd with the "wait" flag and the "-w -t120" options, the in.identd will start to listen on the well known port while inetd deactivates its own listener for the time in.identd is alive.

2. Impact

If many requests (say more than a hundred or so) are sent to the server at nearly the same time, in.identd will fork one child process for every request. This will eventually lead to a shortage of system resources and the computer will become unresponsive.

3. Solution

To prevent the described vulnerability, change the start flag for in.identd in /etc/inetd.conf from "wait" to "nowait" and the in.identd options from "-w -t120 -e" to "-i -e".

Many system administrators also decide not to run in.identd at all for security reasons, so this may be a viable alternative in its own right.
______________________________________________________________________________

Webpage for patches: https://www.suse.com/de-de/
or try the following web pages for a list of mirrors: https://www.suse.com/de-de/
______________________________________________________________________________

Important notice regarding the netcfg vulnerability that can enable Denial-of-Service threats through in.identd on SuSE platforms. Immediate action required! SuSE Security, Denial of Service, in.identd Update, netcfg Exploit. Severity: Critical. LinuxSecurity.com Team

Dec 08, 1999 Critical SuSE