This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Suse First view 2002-12-31
Product Suse Linux Last view 2018-07-24
Version - Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:suse:suse_linux

Activity : Overall

Related : CVE

  Date Alert Description
8.2 2018-07-24 CVE-2017-3224

Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by first comparing sequence numbers, then checksums, and finally MaxAge. In a case where the sequence numbers are the same, the LSA with the larger checksum is considered more recent, and will not be flushed from the Link State Database (LSDB). Since the RFC does not explicitly state that the values of links carried by a LSA must be the same when prematurely aging a self-originating LSA with MaxSequenceNumber, it is possible in vulnerable OSPF implementations for an attacker to craft a LSA with MaxSequenceNumber and invalid links that will result in a larger checksum and thus a 'newer' LSA that will not be flushed from the LSDB. Propagation of the crafted LSA can result in the erasure or alteration of the routing tables of routers within the routing domain, creating a denial of service condition or the re-routing of traffic on the network. CVE-2017-3224 has been reserved for Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages).

10 2007-02-15 CVE-2007-0980

Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obtain unauthorized access via unspecified vectors.

10 2007-01-23 CVE-2007-0460

Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations."

7.2 2002-12-31 CVE-2002-2259

Buffer overflow in the French documentation patch for Gnuplot 3.7 in SuSE Linux before 8.0 allows local users to execute arbitrary code as root via unknown attack vectors.

CWE : Common Weakness Enumeration

%idName
66% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
33% (1) CWE-345 Insufficient Verification of Data Authenticity

Open Source Vulnerability Database (OSVDB)

id Description
60139 Gnuplot French Documentation Patch Unspecified Local Overflow
33201 HP Serviceguard for Linux Unspecified Remote Access
32939 ulogd Multiple Unspecified Overflows

OpenVAS Exploits

id Description
2008-09-24 Name : Gentoo Security Advisory GLSA 200703-17 (ulogd)
File : nvt/glsa_200703_17.nasl

Nessus® Vulnerability Scanner

id Description
2007-03-19 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200703-17.nasl - Type: ACT_GATHER_INFO