This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Novell First view 2009-10-23
Product Suse Linux Last view 2010-09-03
Version 11 Type Os
Update -  
Edition enterprise  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:novell:suse_linux

Activity : Overall

Related : CVE

  Date Alert Description
5 2010-09-03 CVE-2010-1507

WebYaST in yast2-webclient in SUSE Linux Enterprise (SLE) 11 on the WebYaST appliance uses a fixed secret key that is embedded in the appliance's image, which allows remote attackers to spoof session cookies by leveraging knowledge of this key.

4.4 2009-10-23 CVE-2009-1297

iscsi_discovery in open-iscsi in SUSE openSUSE 10.3 through 11.1 and SUSE Linux Enterprise (SLE) 10 SP2 and 11, and other operating systems, allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file that has a predictable name.

CWE : Common Weakness Enumeration

%idName
50% (1) CWE-255 Credentials Management
50% (1) CWE-59 Improper Link Resolution Before File Access ('Link Following')

Open Source Vulnerability Database (OSVDB)

id Description
67845 SUSE Linux Enterprise yast2-webclient WebYaST Appliance Fixed Secret Key Sess...
59271 open-iscsi iscsi_discovery in SUSE Unspecified Temporary File Symlink Arbitra...

OpenVAS Exploits

id Description
2011-10-21 Name : Ubuntu Update for open-iscsi USN-1235-1
File : nvt/gb_ubuntu_USN_1235_1.nasl
2009-10-19 Name : SuSE Security Summary SUSE-SR:2009:016
File : nvt/suse_sr_2009_016.nasl
2009-10-13 Name : SLES10: Security update for open-iscsi
File : nvt/sles10_open-iscsi.nasl
2009-10-11 Name : SLES11: Security update for open-iscsi
File : nvt/sles11_open-iscsi.nasl

Nessus® Vulnerability Scanner

id Description
2013-04-20 Name: The remote Mandriva Linux host is missing a security update.
File: mandriva_MDVSA-2013-109.nasl - Type: ACT_GATHER_INFO
2011-10-21 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-1235-1.nasl - Type: ACT_GATHER_INFO
2009-10-06 Name: The remote openSUSE host is missing a security update.
File: suse_open-iscsi-6454.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 11 host is missing a security update.
File: suse_11_open-iscsi-090821.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_open-iscsi-6455.nasl - Type: ACT_GATHER_INFO
2009-09-18 Name: The remote openSUSE host is missing a security update.
File: suse_11_0_open-iscsi-090821.nasl - Type: ACT_GATHER_INFO
2009-09-18 Name: The remote openSUSE host is missing a security update.
File: suse_11_1_open-iscsi-090821.nasl - Type: ACT_GATHER_INFO