Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: February 27th, 2015
Linux Security Week: February 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Find the information you need for your favorite open source distribution

To browse through our weekly Linux Advisory Watch newsletters, click here.

Ubuntu: 1071-1: Linux kernel vulnerabilities  25 February 2011 
Posted by Benjamin D. Thomas   
Tavis Ormandy discovered that the Linux kernel did not properly implementexception fixup. A local attacker could exploit this to crash the kernel,leading to a denial of service. (CVE-2010-3086) [More...]
Ubuntu: 1070-1: Bind vulnerability  23 February 2011 
Posted by Benjamin D. Thomas   
It was discovered that Bind incorrectly handled IXFR transfers and dynamicupdates while under heavy load when used as an authoritative server. Aremote attacker could use this flaw to cause Bind to stop responding,resulting in a denial of service. [More...]
Ubuntu: 1069-1: Mailman vulnerabilities  22 February 2011 
Posted by Benjamin D. Thomas   
It was discovered that Mailman did not properly sanitize certain fields,resulting in cross-site scripting (XSS) vulnerabilities. With cross-sitescripting vulnerabilities, if a user were tricked into viewing serveroutput during a crafted server request, a remote attacker could exploitthis to modify the contents, or steal confidential data, within the same [More...]
Ubuntu: 1067-1: Telepathy Gabble vulnerability  17 February 2011 
Posted by Benjamin D. Thomas   
It was discovered that Gabble did not verify the from field of googlejingleinfo updates. This could allow a remote attacker to perform manin the middle attacks (MITM) on streamed media. [More...]
Ubuntu: 1065-1: shadow vulnerability  15 February 2011 
Posted by Benjamin D. Thomas   
Kees Cook discovered that some shadow utilities did not correctly validateuser input. A local attacker could exploit this flaw to inject newlines intothe /etc/passwd file. If the system was configured to use NIS, this couldlead to existing NIS groups or users gaining or losing access to the system,resulting in a denial of service or unauthorized access. [More...]
Ubuntu: 1063-1: QEMU vulnerability  14 February 2011 
Posted by Benjamin D. Thomas   
Neil Wilson discovered that if VNC passwords were blank in QEMUconfigurations, access to VNC sessions was allowed without a passwordinstead of being disabled. A remote attacker could connect to runningVNC sessions of QEMU and directly control the system. By default, QEMUdoes not start VNC sessions. [More...]
Ubuntu: 1060-1: Exim vulnerabilities  10 February 2011 
Posted by Benjamin D. Thomas   
It was discovered that Exim contained a design flaw in the way it processedalternate configuration files. An attacker that obtained privileges of the"Debian-exim" user could use an alternate configuration file to obtainroot privileges. (CVE-2010-4345) [More...]
<< Start < Prev 205 206 207 Next > End >>

Results 1436 - 1442 of 2069


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
D-Link Routers Haunted by Remote Command Injection Bug -
Mozilla Pushes Hot Fix to Remove Superfish Cert From Firefox
The Deadly Game of Cyber Mis-Attribution
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.