LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: October 24th, 2014
Linux Security Week: October 20th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Ubuntu
Find the information you need for your favorite open source distribution

To browse through our weekly Linux Advisory Watch newsletters, click here.



Ubuntu: 1071-1: Linux kernel vulnerabilities  25 February 2011 
Posted by Benjamin D. Thomas   
Tavis Ormandy discovered that the Linux kernel did not properly implementexception fixup. A local attacker could exploit this to crash the kernel,leading to a denial of service. (CVE-2010-3086) [More...]
 
Ubuntu: 1070-1: Bind vulnerability  23 February 2011 
Posted by Benjamin D. Thomas   
It was discovered that Bind incorrectly handled IXFR transfers and dynamicupdates while under heavy load when used as an authoritative server. Aremote attacker could use this flaw to cause Bind to stop responding,resulting in a denial of service. [More...]
 
Ubuntu: 1069-1: Mailman vulnerabilities  22 February 2011 
Posted by Benjamin D. Thomas   
It was discovered that Mailman did not properly sanitize certain fields,resulting in cross-site scripting (XSS) vulnerabilities. With cross-sitescripting vulnerabilities, if a user were tricked into viewing serveroutput during a crafted server request, a remote attacker could exploitthis to modify the contents, or steal confidential data, within the same [More...]
 
Ubuntu: 1067-1: Telepathy Gabble vulnerability  17 February 2011 
Posted by Benjamin D. Thomas   
It was discovered that Gabble did not verify the from field of googlejingleinfo updates. This could allow a remote attacker to perform manin the middle attacks (MITM) on streamed media. [More...]
 
Ubuntu: 1065-1: shadow vulnerability  15 February 2011 
Posted by Benjamin D. Thomas   
Kees Cook discovered that some shadow utilities did not correctly validateuser input. A local attacker could exploit this flaw to inject newlines intothe /etc/passwd file. If the system was configured to use NIS, this couldlead to existing NIS groups or users gaining or losing access to the system,resulting in a denial of service or unauthorized access. [More...]
 
Ubuntu: 1063-1: QEMU vulnerability  14 February 2011 
Posted by Benjamin D. Thomas   
Neil Wilson discovered that if VNC passwords were blank in QEMUconfigurations, access to VNC sessions was allowed without a passwordinstead of being disabled. A remote attacker could connect to runningVNC sessions of QEMU and directly control the system. By default, QEMUdoes not start VNC sessions. [More...]
 
Ubuntu: 1060-1: Exim vulnerabilities  10 February 2011 
Posted by Benjamin D. Thomas   
It was discovered that Exim contained a design flaw in the way it processedalternate configuration files. An attacker that obtained privileges of the"Debian-exim" user could use an alternate configuration file to obtainroot privileges. (CVE-2010-4345) [More...]
 
<< Start < Prev 184 185 186 Next > End >>

Results 1296 - 1302 of 1929
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Pro-Privacy Senator Wyden on Fighting the NSA From Inside the System
NIST to hypervisor admins: secure your systems
Quick PHP patch beats slow research reveal
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.