Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Find the information you need for your favorite open source distribution

To browse through our weekly Linux Advisory Watch newsletters, click here.

Ubuntu: 1070-1: Bind vulnerability  23 February 2011 
Posted by Benjamin D. Thomas   
It was discovered that Bind incorrectly handled IXFR transfers and dynamicupdates while under heavy load when used as an authoritative server. Aremote attacker could use this flaw to cause Bind to stop responding,resulting in a denial of service. [More...]
Ubuntu: 1069-1: Mailman vulnerabilities  22 February 2011 
Posted by Benjamin D. Thomas   
It was discovered that Mailman did not properly sanitize certain fields,resulting in cross-site scripting (XSS) vulnerabilities. With cross-sitescripting vulnerabilities, if a user were tricked into viewing serveroutput during a crafted server request, a remote attacker could exploitthis to modify the contents, or steal confidential data, within the same [More...]
Ubuntu: 1067-1: Telepathy Gabble vulnerability  17 February 2011 
Posted by Benjamin D. Thomas   
It was discovered that Gabble did not verify the from field of googlejingleinfo updates. This could allow a remote attacker to perform manin the middle attacks (MITM) on streamed media. [More...]
Ubuntu: 1065-1: shadow vulnerability  15 February 2011 
Posted by Benjamin D. Thomas   
Kees Cook discovered that some shadow utilities did not correctly validateuser input. A local attacker could exploit this flaw to inject newlines intothe /etc/passwd file. If the system was configured to use NIS, this couldlead to existing NIS groups or users gaining or losing access to the system,resulting in a denial of service or unauthorized access. [More...]
Ubuntu: 1063-1: QEMU vulnerability  14 February 2011 
Posted by Benjamin D. Thomas   
Neil Wilson discovered that if VNC passwords were blank in QEMUconfigurations, access to VNC sessions was allowed without a passwordinstead of being disabled. A remote attacker could connect to runningVNC sessions of QEMU and directly control the system. By default, QEMUdoes not start VNC sessions. [More...]
Ubuntu: 1060-1: Exim vulnerabilities  10 February 2011 
Posted by Benjamin D. Thomas   
It was discovered that Exim contained a design flaw in the way it processedalternate configuration files. An attacker that obtained privileges of the"Debian-exim" user could use an alternate configuration file to obtainroot privileges. (CVE-2010-4345) [More...]
Ubuntu: 1059-1: Dovecot vulnerabilities  07 February 2011 
Posted by Benjamin D. Thomas   
It was discovered that the ACL plugin in Dovecot would incorrectlypropagate ACLs to new mailboxes. A remote authenticated user could possiblyread new mailboxes that were created with the wrong ACL. (CVE-2010-3304) [More...]
<< Start < Prev 211 212 213 Next > End >>

Results 1471 - 1477 of 2103


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
FBI Quietly Removes Recommendation To Encrypt Your Phone
And the prize for LEAST SECURE BROWSER goes to ... Chrome!
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.