Find the information you need for your favorite open source distribution .
Some SQL-injection vulnerabilities were found in IMP 2.x that allow an attacker to access the underlying database.
An attacker with CVS read access to compromise a CVS server. Additionally two features ('Update-prog' and 'Checkin-prog') were disabled to stop clients with write access to execute arbitrary code on the server.
The ISC (Internet Software Consortium) dhcp package is an implementation of the Dynamic Host Configuration Protocol (DHCP).
Remote attackers can insert certain characters in CGI queries to the susehelp system tricking it into executing arbitrary code as the "wwwrun" user.
Due to wrong calculation of some loop offset values a buffer overflow can occur.
Within the MySQL server the password checking and a signedness issue has been fixed.
There are several security issues with CUPS that can lead to local and remote root compromise.
Stefan Esser of e-matters reported a bug in fetchmail's mail address expanding code which can lead to remote system compromise.
The cyrus imapd contains a buffer overflow which could be exploited by remote attackers prior to logging in.
Multiple buffer overflow vulnerabilities exist in OpenLDAP2.
While parsing and escaping characters of eMail addresses pine does not allocate enough memory for storing the escaped mailbox part of an address.
There was a bug in the length checking for encrypted password change requests from clients.
The security research company ISS (Internet Security Services) has discovered several vulnerabilities in the BIND8 name server, including a remotely exploitable buffer overflow.
Traceroute-nanog requires root privilege to open a raw socket. It does not relinquish these privileges after doing so. This allows a malicious user to gain root access by exploiting a buffer overflow at a later point.
It is possible for a local attacker to exploit a buffer overflow condition in resLISa, a restricted version of KLISa.
This package contains a security hole which allows remote attackers to execute arbitrary commands in certain circumstances.
There is a vulnerability where local attackers can pass certain commandline arguments to lpr running as root, fooling it to execute arbitrary commands as root.
Syslog-ng contained buffer overflows in its macro expansion routines.
The PostgreSQL Object-Relational DBMS was found vulnerable to several security related buffer overflow problems.
A remote attacker could send a speciallycrafted TCP packet that overflows a buffer, leaving heartbeat to execute arbitrary code as root.
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
