A trio of new and unpatched vulnerabilities in Microsoft Windows were made public on security mailing lists over the weekend, prompting some security vendors to alert users that their systems may be open to attack and hijacking. The vulnerabilities, first reported by a Chinese group and then posted to the Bugtraq mailing list, are in Windows' LoadImage API function, its animated cursor (ANI) files, and the way it handles help files. None of the bugs has yet been patched.

All currently-supported versions of Windows -- Windows NT, 2000, XP, and Windows Server 2003 -- are affected by the three flaws, said Venustech, the Chinese security firm that posted the analysis on Bugtraq. Some of the flaws affect Windows XP Service Pack 2 (SP2); some do not.

The LoadImage API vulnerability, for instance -- the latest in a series of image-handling vulnerabilities to hit Windows, Unix, and Linux -- affects Windows NT through Windows Server 2003; whether Windows XP SP2 is at risk is not yet known. This vulnerability could be exploited by attackers who entice users to a malicious Web site that includes a specially-crafted icon, cursor, animated cursor, or bitmap file, said Danish security firm Secunia in its alert. Alternatively, the malicious image could be delivered via HTML e-mail. Users who view such messages or visit such sites could find their systems hijacked, with the attacker able to run code of their choosing on the PC.

The second bug, in Windows' ANI (animated cursor) files, could be used by an attacker to crash or freeze a Windows PC, said Venustech in its analysis. Windows XP SP2 is not vulnerable to this flaw.

It is, however, vulnerable to the third and last of the trio, which involves how Windows parses help files. The bug can be exploited to cause a buffer overflow, and thus give attackers control of the computer, if users open a maliciously-crafted help file posted on a site or sent to them via e-mail.
The link for this article located at securitypipeline.com is no longer available.
From: Patrik Hornik
To: bugtraq@
Date: Thu, 2 Oct 2003 10:10:19 +0200
Subject: New OpenSSL remote vulnerability (issue date 2003/10/02)

======================================================================
Security advisory 20031002
----------------------------------------------------------------------
Product: openssl
Issue date: 2003/10/02
Last updated: 2003/10/02
======================================================================

OpenSSL remote vulnerability
============================

Mr. Hornik discovered a remote vulnerability in the OpenSSL package provided by Red Hat. Because of the nature of this bug, some other vendors can be vulnerable too. This vulnerability is inside the SSLv2 server code and allows killing a remote process running the OpenSSL library as an SSL server, resulting in a DoS. The vulnerability is different from the one found in the SSLv2 OpenSSL server announced on 2002/07/30.

Vulnerability
-------------

By constructing a special SSLv2 CLIENT_MASTER_KEY message the following execution path can be obtained. We are referring to source lines from openssl-0.9.6b-32.7.src.rpm from RH 7.3.

When:
 i)  the negotiated cipher is some export cipher, for example EXP-RC4-MD5
 ii) the length of the clear is increased, for example by 64 (see below)

Then this execution path happens:
 1) on ssl/s2_srvr.c:419 the condition is_export && (s->s2->tmp.clear+i != EVP_CIPHER_key_length(c)) becomes true because of i) and ii)
 2) on ssl/s2_srvr.c:424 i is "fixed", but tmp.clear stays unchanged
 3) on ssl/s2_srvr.c:450, because is_export is true, the integer variable i is increased by a big enough value (ii)
 4) on ssl/s2_srvr.c:451 die causes an abort of the process, leading to DoS

Who is affected?
----------------

Affected are all Red Hat distributions up to and including version 8.0. Red Hat published a patch on 2003/09/30 silently, without issuing a warning about the existence of the vulnerability. Red Hat announced the patch in its advisory RHSA-2003:291-11.

openssl.org sources starting with version 0.9.6f, and distribution packages based on these versions, are not vulnerable, because OpenSSL starting from 0.9.6f avoids using the die() call because of its potential risk.

Recommendations
---------------

We recommend upgrading the openssl package to the version issued on 2003/09/30 or later in all Red Hat distributions up to 8.0. Until the new version is installed we recommend disabling SSLv2 functionality wherever possible. (In Apache + mod_ssl, for example, it is enabled by default and can be disabled; please refer to the mod_ssl documentation.)

References
----------

OpenSSL project: /index.html
OpenSSL vulnerability announced on 2002/07/30:
This security advisory: 31002.txt

Contact
-------

Patrik Hornik
Security Consultant
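The execution path above is a consistency check that repairs one operand (i) but keeps trusting the other (tmp.clear) exactly as the client sent it, followed by a bound that is enforced with die() instead of a handshake error. The C model below, written for this page and not taken from OpenSSL, replays the four steps with the sizes the advisory implies for EXP-RC4-MD5 (a 16-byte RC4 key of which 5 bytes are secret and 11 are sent in clear) next to a hardened variant that validates CLEAR-KEY-LENGTH before using it and never aborts the process. The function names, the return codes and the 48-byte SSL_MAX_MASTER_KEY_LENGTH are assumptions of the model; any bound below 11+64+5 gives the same outcome.

```c
#include <stdio.h>

/* Added model of the SSLv2 CLIENT-MASTER-KEY length handling described in the
 * advisory above. It is NOT OpenSSL source; names and constants are assumptions.
 * EXP-RC4-MD5: 16-byte RC4 key, 5 secret (RSA-encrypted) bytes, 11 clear bytes. */
#define KEY_LEN                    16  /* EVP_CIPHER_key_length(c) for 128-bit RC4 */
#define EXPORT_SECRET_BYTES         5  /* 40-bit secret part of an export key */
#define SSL_MAX_MASTER_KEY_LENGTH  48  /* assumed bound on the master key buffer */

enum {
    ERR_BAD_LENGTH = -1,   /* handshake refused, connection dropped, process lives */
    FATAL_DIE      = -2    /* models die(): the whole server process aborts */
};

/* Vulnerable sequence (steps 1-4 of the advisory).
 *   is_export  : the negotiated cipher is an export cipher
 *   clear_len  : CLEAR-KEY-LENGTH as taken from the client's message
 *   secret_len : bytes recovered by RSA-decrypting ENCRYPTED-KEY-DATA
 * Returns the master key length, or a negative code. */
static int vulnerable_master_key_length(int is_export, int clear_len, int secret_len)
{
    int i = secret_len;

    if (is_export) {
        /* Step 1: the clear/secret split is checked against the key length ... */
        if (clear_len + i != KEY_LEN)
            i = EXPORT_SECRET_BYTES;        /* Step 2: ... but only i is "fixed" */
        /* Step 3: the unchanged, attacker-chosen clear_len is added back in. */
        i += clear_len;
    } else if (i != KEY_LEN) {
        i = KEY_LEN;                        /* bad decrypt: continue with a dud key */
    }

    /* Step 4: the bound is an assertion, so a reachable violation is a crash. */
    if (i > SSL_MAX_MASTER_KEY_LENGTH)
        return FATAL_DIE;
    return i;
}

/* Hardened sequence: validate the attacker-controlled length before it is used,
 * and make the final bound a handshake error rather than an assertion. */
static int hardened_master_key_length(int is_export, int clear_len, int secret_len)
{
    int i = secret_len;

    if (is_export) {
        if (clear_len != KEY_LEN - EXPORT_SECRET_BYTES)
            return ERR_BAD_LENGTH;          /* reject the message; handshake fails */
        if (i != EXPORT_SECRET_BYTES)
            i = EXPORT_SECRET_BYTES;        /* bad decrypt: dud key, not a crash */
        i += clear_len;
    } else if (i != KEY_LEN) {
        i = KEY_LEN;
    }

    if (i > SSL_MAX_MASTER_KEY_LENGTH)      /* defensive; can no longer abort */
        return ERR_BAD_LENGTH;
    return i;
}

static void report(const char *label, int clear_len)
{
    printf("%-26s vulnerable=%3d  hardened=%3d\n", label,
           vulnerable_master_key_length(1, clear_len, EXPORT_SECRET_BYTES),
           hardened_master_key_length(1, clear_len, EXPORT_SECRET_BYTES));
}

int main(void)
{
    /* Constructed inputs: an honest EXP-RC4-MD5 client, and the advisory's
     * message with CLEAR-KEY-LENGTH inflated by 64. */
    report("honest client (clear=11)", 11);
    report("clear inflated by 64", 11 + 64);
    return 0;
}
```

With the honest message both variants return 16. With the inflated message the vulnerable path returns FATAL_DIE (the server would abort, which is the DoS), while the hardened path returns ERR_BAD_LENGTH and only that one connection fails; this is also why the advisory recommends disabling SSLv2 until the fixed package is installed.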
Some SSH clients and servers have buffer overflows in the key exchange initialization and startup code that may be exploitable by a remote attacker in a denial-of-service attack or, under some conditions, allow the execution of arbitrary code as the root user. These buffer overflows are in code that is executed prior to user authentication, so no credentials are needed to reach them.

Implementations of SSH that have been reported to be vulnerable by at least one source include:

- F-Secure Corp's SSH servers and clients for Unix (v3.1.0 build 11 and older) and Windows (v5.2 and older)
- SSH Communications Security, Inc. SSH for Unix and Windows (v3.2.2 and older)
- FiSSH SSH client for Windows (v1.0A and older)
- SecureNetTerm client for Windows (v5.4.1 and older)
- NetComposite ShellGuard SSH client for Windows (v3.4.6 and older)
- Pragma Systems, Inc. SecureShell SSH server for Windows (v2 and older)
- PuTTY SSH client for Windows (v0.53 and older)
- WinSCP SCP client for Windows (v2.0.0 and older)

A trojan SSH server has been released that exploits this problem in the PuTTY SSH client.
Update: Another follow-up statement was written by ISSAtlanta and also issued through Bugtraq. Apparently ISS is still receiving e-mails about this issue.

Date: Fri, 21 Jun 2002 16:15:53 -0400
From: "Klaus, Chris (ISSAtlanta)"
To: bugtraq@
Subject: ISS Advisory clarification

Quick clarification on several points based on emails that I've received:

1) We did notify Apache before going public. ISS X-Force emailed Apache in the morning at 9:44am regarding this Advisory. We waited until the afternoon before sending to Bugtraq for approval and finally reaching the Bugtraq mailing list archive at approximately Jun 17 2002 3:57PM.

2) Apache was not aware that a remote exploit vulnerability existed until ISS X-Force alerted them to the seriousness of this. They were working on denial of service issues.

3) The ISS X-Force patch did work against the remote exploit that we found and it did address the Gobbles exploit. While our patch did properly work against the remote exploits, we recommend using the official Apache patch. Apache's updated patch includes fixes for the remote exploit and denial of service attacks.

4) While the general nature of open-source and its virtual organizations do have enforcement of strict confidentiality issues, this is not true for every single open-source project. This is based on past experience. We have seen open-source projects spread information immediately in the wild and we have seen some that are organized to maintain confidentiality. ISS X-Force deals with all vendors on a case-by-case basis to provide maximum protection for our customers and the community.

We are currently working with another major vulnerability dealing with an open-source vendor whereby we both are coordinating and cooperating and shrinking the 30 day quiet period significantly to quickly provide a patch to the public. We are trying to learn from our experience and continue to improve the advisory release process. We are hoping this next major advisory will be received more positively.

***********************************************************************
Christopher W. Klaus
Founder and CTO
Internet Security Systems (ISS)
6303 Barfield Road
Atlanta, GA 30328
Phone: 404-236-4051
Fax: 404-236-2637
NASDAQ: ISSX
Internet Security Systems ~ The Power To Protect

ISSAtlanta issued their statement today on Bugtraq clarifying their position on the Apache Chunk Encoding Vulnerability/Exploit.

To: BugTraq
Subject: ISS Apache Advisory Response
Date: Jun 20 2002 10:06PM
Author: Klaus, Chris (ISSAtlanta)
Message-ID:

There has been a lot of misinformation spread about our ISS Apache Advisory and I wanted to clean up any confusion and misunderstanding.

1) Our policy for publishing advisories is to give a vendor a 30 to 45 day quiet period to provide an opportunity to create a patch or work-around. If an exploit for the vulnerability appears in the wild, or a patch and work-around is provided by the vendor or ISS X-Force, this quiet period is disregarded and the ISS X-Force advisory is published immediately. In the case of this advisory, ISS X-Force provided an Apache patch and did not see a need for a long quiet period.

2) The original ISS X-Force Apache Patch did work properly against the specific vulnerability described by X-Force, despite claims that it did not. The Apache and CERT advisories on their websites have been corrected to reflect this.

3) ISS was not aware of other researchers discovering this vulnerability nor aware of it in the wild at the time of the release of the advisory.

4) Following along with Presidential Decision Directive-63, ISS had cooperated and coordinated with the National Infrastructure Protection Center (NIPC) on this advisory. We will continue to work with NIPC on upcoming advisories.

5) The Gobbles exploit has confirmed our decision to release as soon as possible, based on our assumption that others were likely to discover the same vulnerability in the wild.

6) We do not view this as a race to beat other researchers to releasing an advisory, but a race to protect our customers in a timely manner. Due to the general nature of open-source and its openness, the virtual organizations behind the projects do not have an ability to enforce strict confidentiality. By notifying the open source project, its nature is that the information is quickly spread in the wild disregarding any type of quiet period. ISS X-Force minimizes the quiet period and delay of protecting customers by providing a security patch.

ISS has made these decisions based on our mission to provide the best security to our customers and being a trusted security advisor.

Sincerely,
Christopher W. Klaus
Founder and CTO
Internet Security Systems (ISS)