Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Security Week: March 30th, 2015
Linux Advisory Watch: March 27th, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Find the information you need for your favorite open source distribution

To browse through our weekly Linux Advisory Watch newsletters, click here.

Mandrake: evolution various bugs fix  14 December 2004 
This update provides Evolution 2.0.3 which fixes a number of bugs found in the previous version of Evolution, including the possibility to lose mail when Evolution sends an email message, that fails to send, but Evolution doesn't realize it has failed.
Mandrake: openssl fix  07 December 2004 
The Trustix developers found that the der_chop script, included in the openssl package, created temporary files insecurely. This could allow local users to overwrite files using a symlink attack.
Mandrake: nfs-utils fix  07 December 2004 
SGI developers discovered a remote DoS (Denial of Service) condition in the NFS statd server. rpc.statd did not ignore the "SIGPIPE" signal which would cause it to shutdown if a misconfigured or malicious peer terminated the TCP connection prematurely.
Mandrake: rp-pppoe fix  07 December 2004 
Max Vozeler discovered a vulnerability in pppoe, part of the rp-pppoe package. When pppoe is running setuid root, an attacker can overwrite any file on the system. Mandrakelinux does not install pppoe setuid root, however the packages have been patched to prevent this problem.
Mandrake: lvml fix  07 December 2004 
The Trustix developers discovered that the lvmcreate_initrd script, part of the lvm1 package, created a temporary directory in an insecure manner. This could allow for a symlink attack to create or overwrite arbitrary files with the privileges of the user running the script.
Mandrake: ImageMagick fix  07 December 2004 
A vulnerability was discovered in ImageMagick where, due to a boundary error within the EXIF parsing routine, a specially crafted graphic image could potentially lead to the execution of arbitrary code.
Mandrake: gzip fix  07 December 2004 
The Trustix developers found some insecure temporary file creation problems in the zdiff, znew, and gzeze supplemental scripts in the gzip package. These flaws could allow local users to overwrite files via a symlink attack.
<< Start < Prev 463 464 465 Next > End >>

Results 3235 - 3241 of 3826


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Feds Charged With Stealing Money During Silk Road Investigation
EFF questions US government's software flaw disclosure policy
Hotel Router Vulnerability A Reminder Of Untrusted WiFi Risks
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.