Find the information you need for your favorite open source distribution .
Recently two problems have been found in the glibc suite, which could beused to trick setuid applications to run arbitrary code.
A format string bug was recently discovered in screen which can be used to gain elevated privilages if screen is setuid.
Recently two problems have been found in the glibc suite, which could beused to trick setuid applications to run arbitrary code.
An updated netscape package now exists to fix several remote exploit vulnerabilities.
The version of X-Chat that was distributed with Debian GNU/Linux 2.2 has a vulnerability in the URL handling code.
Ntop was still exploitable using bufferoverflows. Using this technique it was possible to run arbitrary codeas the user who ran ntop in web mode.
On versions of Zope prior to 2.2.1 it was possible for a user with theability to edit DTML to gain unauthorized access to extra roles during arequest. A fix was previously announced in the Debian zope package2.1.6-5.1, but that package did not fully address the issue and has beensuperseded by this announcement.
There is a format string bug in all versions of xlockmore/xlockmore-gl.
On versions of Zope prior to 2.2beta1 it was possible for a user with theability to edit DTML can gain unauthorized access to extra roles during arequest.
Using ntop to distribute network traffic through the network, it is possible to access arbitrary files on the local filesystem. Since ntop runs as root uid, guess what that means, even /etc/shadow got unsecured.
Exploit exists that could result in a malicious user obtaining group mailman permission.
It might be possible for local usersto abuse this to carry out unauthorised actions or be able to takecontrol for service user accounts.
The versions of the ISC DHCP client in debian 2.1 (slink) and debian 2.2 (potato) are vulnerable to a root exploit.
The version of wu-ftpd distributed in Debian GNU/Linux 2.1 (a.k.a. slink), as well as in the frozen (potato) and unstable (woody) distributions, is vulnerable to a remote root compromise.
The version of splitvt distributed in Debian GNU/Linux 2.1, the frozen (potato) and unstable (woody) distributions, is vulnerable to a local buffer overflow.
The version of mailx distributed in Debian GNU/Linux 2.1, the frozen (potato) and unstable (woody) distributions is vulnerable to a local buffer overflow.
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
