LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: September 15th, 2014
Linux Security Week: September 8th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Ubuntu
Find the information you need for your favorite open source distribution

To browse through our weekly Linux Advisory Watch newsletters, click here.



Ubuntu: 1067-1: Telepathy Gabble vulnerability  17 February 2011 
Posted by Benjamin D. Thomas   
It was discovered that Gabble did not verify the from field of googlejingleinfo updates. This could allow a remote attacker to perform manin the middle attacks (MITM) on streamed media. [More...]
 
Ubuntu: 1065-1: shadow vulnerability  15 February 2011 
Posted by Benjamin D. Thomas   
Kees Cook discovered that some shadow utilities did not correctly validateuser input. A local attacker could exploit this flaw to inject newlines intothe /etc/passwd file. If the system was configured to use NIS, this couldlead to existing NIS groups or users gaining or losing access to the system,resulting in a denial of service or unauthorized access. [More...]
 
Ubuntu: 1063-1: QEMU vulnerability  14 February 2011 
Posted by Benjamin D. Thomas   
Neil Wilson discovered that if VNC passwords were blank in QEMUconfigurations, access to VNC sessions was allowed without a passwordinstead of being disabled. A remote attacker could connect to runningVNC sessions of QEMU and directly control the system. By default, QEMUdoes not start VNC sessions. [More...]
 
Ubuntu: 1060-1: Exim vulnerabilities  10 February 2011 
Posted by Benjamin D. Thomas   
It was discovered that Exim contained a design flaw in the way it processedalternate configuration files. An attacker that obtained privileges of the"Debian-exim" user could use an alternate configuration file to obtainroot privileges. (CVE-2010-4345) [More...]
 
Ubuntu: 1059-1: Dovecot vulnerabilities  07 February 2011 
Posted by Benjamin D. Thomas   
It was discovered that the ACL plugin in Dovecot would incorrectlypropagate ACLs to new mailboxes. A remote authenticated user could possiblyread new mailboxes that were created with the wrong ACL. (CVE-2010-3304) [More...]
 
Ubuntu: 1058-1: PostgreSQL vulnerability  03 February 2011 
Posted by Benjamin D. Thomas   
Geoff Keating reported that a buffer overflow exists in the intarraymodule's input function for the query_int type. This could allow anattacker to cause a denial of service or possibly execute arbitrarycode as the postgres user. [More...]
 
Ubuntu: 1057-1: Linux kernel vulnerabilities  03 February 2011 
Posted by Benjamin D. Thomas   
Dave Chinner discovered that the XFS filesystem did not correctly orderinode lookups when exported by NFS. A remote attacker could exploit this toread or write disk blocks that had changed file assignment or had becomeunlinked, leading to a loss of privacy. (CVE-2010-2943) [More...]
 
<< Start < Prev 178 179 180 Next > End >>

Results 1254 - 1260 of 1884
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Today's Security Hacks Are After More Than Bank Info
How Boston Children's Hospital Hit Back at Anonymous
SNMP DDoS Scans Spoof Google Public DNS Server
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.