The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

How strictly do your users obey your security policies?

	To the letter.
	For the most part.
	When it suits them.
	By chance.
	Not at all.

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

Emily Ratliff: OS Security

DanWalsh LiveJournal

Security Bloggers Network

Latest Newsletters

Linux Advisory Watch: November 21st, 2008

Linux Security Week: November 17th, 2008

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Slackware: seamonkey

16 November 2008

User Rating:

How can I rate this item?

Posted by Benjamin D. Thomas
New seamonkey packages are available for Slackware 11.0, 12.0, 12.1, and -current to fix security issues. More details may be found on the Mozilla web site: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
Read more...

Mandriva: Subject: [Security Announce] [ MDVA-2008:171 ] gdm

14 November 2008

User Rating:

How can I rate this item?

Posted by Benjamin D. Thomas
An incorrect memory deallocation was causing a crash when the GNOME display manager was exiting. This package update fixes this issue and includes additional bug fixes and translation updates.
Read more...

Mandriva: Subject: [Security Announce] [ MDVSA-2008:229 ] clamav

14 November 2008

User Rating:

How can I rate this item?

Posted by Benjamin D. Thomas
An off-by-one error was found in ClamAV versions prior to 0.94.1 that could allow remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted VBA project file (CVE-2008-5050). Other bugs have also been corrected in 0.94.1 which is being provided with this update.
Read more...

Problems with Penetration Testing

14 November 2008

User Rating:

How can I rate this item?

Source: itmanagement - Posted by Bill Keys

Penetration testing is as popular as ever, yet it continues to miss the mark. As a means of validating the security of an application system, it fails miserably on several counts. I continue to find organizations that make extensive use of penetration testing as their primary means of security testing systems before they go live, or periodically while they are in production. There are a myriad of problems with this approach, but I’d like to address one particular here that you likely haven’t considered. This article looks at some of the issues with doing penetration testing. Do you do penetration testing on your applications?

Write Comment

Fedora 8 Update: clamav-0.92.1-4.fc8

14 November 2008

User Rating:

How can I rate this item?

Posted by Benjamin D. Thomas
Security fixes from upstream 0.94 and 0.94.1: CVE-2008-3912 (#461461): Multiple out-of-memory NULL pointer dereferences CVE-2008-3913 (#461461): Fix memory leak in the error code path in freshclam CVE-2008-3914 (#461461): File descriptor leak on the error code path CVE-2008-5050 (#470783): get_unicode_name() off-by-one buffer overflow
Read more...

More...

<< Start < Prev 4 5 6 Next > End >>

Results 28 - 36 of 23084

Partner:

Latest Features

A Secure Nagios Server

Never Installed a Firewall on Ubuntu? Try Firestarter

Review: Hacking Exposed Linux, Third Edition

Security Features of Firefox 3.0

Review: The Book of Wireless

April 2008 Open Source Tool of the Month: sudo

Open Source Tool of March: ZoneMinder

Yesterday's Edition

Hardening The Linux Kernel With Grsecurity (Debian)

Upcoming Conference Talks on SELinux Applications: sVirt and Kiosk Mode

QuickLinks: Comunity , HOWTOs , Blogs , Features , Book Reviews , Networking ,
Security Projects , Latest News , Newsletters , SELinux , Privacy , Home,
Hardening , About Us, Advertise, Legal Notice, RSS, Guardian Digital