How many Open Source apps does it take to screw in a light bulb? Here\’s the latest word from the Linux galaxy, Open Source projects, command line assistance, desktop environment downloads, distribution revisions, cross-platform tools, and general help for those exploring this fantastic OS!
Alright, so is this Nvidia code bug fixed or isn’t it? From what I am seeing, it appears that there are some conflicting reports.
Exploit code has been published for a security flaw in Nvidia’s Linux graphics driver that could let a remote intruder take over a system.
The proof-of-concept code shows how an attacker could launch […]
Hey Mambo and PHP users, you might want to make yourself aware of the security alert going around with regard to a nasty Linux worm working its way through certain systems.
For the most part, the idea of malware in Linux and OS X has been all but laughable. Still, I would challenge folks to tell me that having an outbreak in the future would be impossible. Sure, we do have that great Unix-styled security with limited access by default. But who’s to say what the […]
Personally, I think it’s unbelievable how unaware some folks are when it comes to now securing an OS properly. The article below really sums it all up I think…
I suppose some might argue that this is what we should expect from an Open Source antivirus. Speaking for myself, I think it could happen to any antivirus app…
I can’t get the current iDefence vulnerabilities page - I suspect it is because there are far too many people trying to get that page served to them (to do my part I’ve stopped trying to get it…) This info is from the e-mail that was sent to the mailing list. Sorry about […]
George Ou writes on ZDNet.com Blogs,
While news of Microsoft’s official patch for the WMF exploit reaches the web, I just received an email from H D Moore (founder of the metasploit project and creator of the original proof-of-concept WMF exploit code) that WINE was still vulnerable to the WMF exploit. He was kind enough […]
Secunia Advisory: SA16907
Critical: Highly critical -
Impact: System access -
Where: From remote -
Solution Status: Vendor Patch -
Software: Opera 7.x, Opera 8.x
Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to compromise a user’s system.
The vulnerability is caused due to the shell script used to launch Opera parsing shell commands that are […]
Apparently getting into the groove with security architecture is not as cut and dry as we once thought?
Well, this certainly blows. Apparently the Real Player for Linux has some flaws that could spell trouble for ‘Joe-User’ out there. With any luck, the flaw will be fixed here soon. Until then, I think that I will skip over this myself.
With most people, when they think encryption, they think of things like PGP encryption. But how many of us truly understand it? Not as many as we might like to think apparently. Good thing there are guides like this to help us along the way.
A vulnerability has been discovered in Thunderbird, which can be exploited by malicious people to compromise a user’s system.
The vulnerability is caused due to the shell script used to launch Thunderbird is parsing shell commands that are enclosed within backticks in the URL provided via the command line. This can e.g. be exploited to execute […]
“Secunia Advisory: SA16846
Critical: Extremely critical
Impact: System access
Where: From remote
Solution Status: Unpatched
Software: Mozilla 1.7.x
A vulnerability has been discovered in Mozilla Suite, which can be exploited by malicious people to compromise a user’s system.
For more information: SA16869
This vulnerability can only be exploited on Unix / Linux based environments.
The vulnerability has been confirmed in version 1.7.11. Other versions […]
“Secunia Advisory: SA16869
Critical: Extremely critical
Impact: System access
Where: From remote
Solution Status: Unpatched
Software: Mozilla Firefox 1.x
I am too tired today and will refrain from getting onto my soapbox. I will say for the record that while MS works hard at using the word security, they still need to do something about their own track record before most people will ever take them seriously when compared to OSS in the security […]
As concerns of Internet and system security continues to rise, it seems like Symantec is ready to step up the plate with an answer of their own. How does Linux play into this? Just read on to find out…
One of the hottest debates of late is about the security of Windows vs. the security of Linux. Personally, I think it’s becoming an argument of semantics. Yes, an unpatched box of either flavor is bound to get nailed at some point in time. In fact, anything you connect to the Internet without proper security […]
“Secunia Advisory: SA14925
Critical: Less critical
Impact: Spoofing
Where: From remote
Solution Status: Unpatched
Software: KDE 3.x
Noam Rathaus has discovered a vulnerability in KMail, which can be exploited by malicious people to conduct spoofing attacks.
The vulnerability is caused due to an error where HTML code can overlay part of the user interface. This can e.g. be exploited to trick a user […]
“Secunia Advisory: SA14713
Release Date: 2005-03-29
Critical: Moderately critical
Impact: Exposure of system information, Exposure of sensitive information, Privilege escalation, DoS, System access
Where: From remote
Solution Status: Vendor Patch
OS: Linux Kernel 2.4.x, Linux Kernel 2.6.x
Multiple vulnerabilities have been reported in the Linux kernel, which can be exploited to disclose information, cause a DoS (Denial of Service), gain escalated privileges, or […]
“Secunia Advisory: SA13717
Critical: Less critical
Impact: Spoofing
Where: From remote
Solution Status: Unpatched
Software: Konqueror 3.x
Secunia Research has discovered a vulnerability in Konqueror, which can be exploited by malicious people to spoof the source displayed in the Download Dialog box.
The problem is that long sub-domains and paths aren’t displayed correctly, which therefore can be exploited to obfuscate what is […]