Summary
Detail | |||
---|---|---|---|
Vendor | Novell | First view | 2007-01-23 |
Product | Suse Linux | Last view | 2007-08-20 |
Version | 10.1 | Type | Os |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:o:novell:suse_linux |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
4.6 | 2007-08-20 | CVE-2007-4432 | Untrusted search path vulnerability in the wrapper scripts for the (1) rug, (2) zen-updater, (3) zen-installer, and (4) zen-remover programs on SUSE Linux 10.1 and Enterprise 10 allows local users to gain privileges via modified (a) LD_LIBRARY_PATH and (b) MONO_GAC_PREFIX environment variables. |
2.1 | 2007-08-17 | CVE-2007-4394 | Unspecified vulnerability in a "core clean" cron job created by the findutils-locate package on SUSE Linux 10.0 and 10.1 and Enterprise Server 9 and 10 before 20070810 allows local users to delete of arbitrary files via unknown vectors. |
10 | 2007-01-23 | CVE-2007-0460 | Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations." |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
100% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-21 | Exploitation of Session Variables, Resource IDs and other Trusted Credentials |
CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
CAPEC-167 | Lifting Sensitive Data from the Client |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
46784 | SUSE Linux zen-remover Wrapper Script Search Path Subversion Local Privilege ... |
46783 | SUSE Linux zen-installer Wrapper Script Search Path Subversion Local Privileg... |
46782 | SUSE Linux zen-updater Wrapper Script Search Path Subversion Local Privilege ... |
46781 | SUSE Linux rug Wrapper Script Search Path Subversion Local Privilege Escalation |
46404 | SUSE Linux findutils-locate Package core clean Cron Job Unspecified Arbitrary... |
32939 | ulogd Multiple Unspecified Overflows |
OpenVAS Exploits
id | Description |
---|---|
2008-09-24 | Name : Gentoo Security Advisory GLSA 200703-17 (ulogd) File : nvt/glsa_200703_17.nasl |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2007-03-19 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-200703-17.nasl - Type: ACT_GATHER_INFO |