Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Security Week: July 28th, 2014
Linux Advisory Watch: July 25th, 2014
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Find the information you need for your favorite open source distribution

To browse through our weekly Linux Advisory Watch newsletters, click here.

Ubuntu: 1044-1: D-Bus vulnerability  18 January 2011 
Posted by Benjamin D. Thomas   
Remi Denis-Courmont discovered that D-Bus did not properly validate thenumber of nested variants when validating D-Bus messages. A local attackercould exploit this to cause a denial of service. [More...]
Ubuntu: 1042-2: PHP5 regression  13 January 2011 
Posted by Benjamin D. Thomas   
USN-1042-1 fixed vulnerabilities in PHP5. The fix for CVE-2010-3436introduced a regression in the open_basedir restriction handling code.This update fixes the problem. [More...]
Ubuntu: 1043-1: Little CMS vulnerability  12 January 2011 
Posted by Benjamin D. Thomas   
It was discovered that a NULL pointer dereference in the code forhandling transformations of monochrome profiles could allow an attackerto cause a denial of service through a specially crafted image.(CVE-2009-0793) [More...]
Ubuntu: 1009-2: GNU C Library vulnerability  12 January 2011 
Posted by Benjamin D. Thomas   
USN-1009-1 fixed vulnerabilities in the GNU C library. Colin Watsondiscovered that the fixes were incomplete and introduced flaws withsetuid programs loading libraries that used dynamic string tokens in theirRPATH. If the "man" program was installed setuid, a local attacker couldexploit this to gain "man" user privileges, potentially leading to further [More...]
Ubuntu: 1042-1: PHP vulnerabilities  11 January 2011 
Posted by Benjamin D. Thomas   
It was discovered that an integer overflow in the XML UTF-8 decodingcode could allow an attacker to bypass cross-site scripting (XSS)protections. This issue only affected Ubuntu 6.06 LTS, Ubuntu 8.04 LTS,and Ubuntu 9.10. (CVE-2009-5016) [More...]
Ubuntu: 1041-1: Linux kernel vulnerabilities  10 January 2011 
Posted by Benjamin D. Thomas   
Dan Rosenberg discovered that the btrfs filesystem did not correctlyvalidate permissions when using the clone function. A local attacker couldoverwrite the contents of file handles that were opened for append-only,or potentially read arbitrary contents, leading to a loss of privacy. OnlyUbuntu 9.10 was affected. (CVE-2010-2537, CVE-2010-2538) [More...]
Ubuntu: 1040-1: Django vulnerabilities  06 January 2011 
Posted by Benjamin D. Thomas   
Adam Baldwin discovered that Django did not properly validate query stringlookups. This could be exploited to provide an information leak to anattacker with admin privilieges. (CVE-2010-4534) [More...]
<< Start < Prev 175 176 177 Next > End >>

Results 1219 - 1225 of 1833


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Ottawa Linux Symposium: May get by with a little help from its friends
Black Hat 2014: How to crack just about everything
NSA Playset, 911 hacked and war cats: A wild ride at DEF CON 22
More Details of Onion/Critroni Crypto Ransomware Emerge
Is there Another NSA Leaker? Updated
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.