This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Suse First view 2002-12-31
Product Suse Linux Last view 2007-05-14
Version 1.0 Type Os
Update *  
Edition desktop  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:suse:suse_linux

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
4.4 2007-05-14 CVE-2007-2654

xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.

10 2007-02-15 CVE-2007-0980

Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obtain unauthorized access via unspecified vectors.

10 2007-01-23 CVE-2007-0460

Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations."

6.4 2005-12-31 CVE-2005-4772

liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013.

2.1 2005-08-05 CVE-2005-1767

traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).

2.1 2005-08-05 CVE-2005-1761

Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.

7.2 2005-06-09 CVE-2005-1763

Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory.

2.1 2005-05-02 CVE-2005-0207

Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.

2.1 2005-04-14 CVE-2004-1237

Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors.

6.2 2005-04-14 CVE-2004-1235

Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.

7.2 2005-03-27 CVE-2005-0750

The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.

10 2005-01-27 CVE-2004-0929

Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earlier, when compiled with the OJPEG_SUPPORT (old JPEG support) option, allows remote attackers to execute arbitrary code via a malformed TIFF image.

10 2005-01-27 CVE-2004-0903

Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message.

10 2005-01-27 CVE-2004-0902

Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.

5 2005-01-27 CVE-2004-0886

Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.

10 2005-01-10 CVE-2004-1154

Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow.

2.1 2005-01-10 CVE-2004-1073

The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.

7.2 2005-01-10 CVE-2004-1072

The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code.

7.2 2005-01-10 CVE-2004-1071

The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.

7.2 2005-01-10 CVE-2004-1070

The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code.

6.4 2005-01-10 CVE-2004-0949

The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times.

10 2005-01-10 CVE-2004-0914

Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions.

6.4 2005-01-10 CVE-2004-0883

Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function.

7.5 2004-12-23 CVE-2004-0867

Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported that 2.x is also affected.

7.5 2004-12-23 CVE-2004-0803

Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.

CWE : Common Weakness Enumeration

%idName
40% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
20% (1) CWE-362 Race Condition
20% (1) CWE-264 Permissions, Privileges, and Access Controls
20% (1) CWE-20 Improper Input Validation

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
60139 Gnuplot French Documentation Patch Unspecified Local Overflow
36716 xfsdump xfs_fsr Symlink Arbitrary File Manipulation
33201 HP Serviceguard for Linux Unspecified Remote Access
32939 ulogd Multiple Unspecified Overflows
19979 SuSE Linux YaST liby2util Package Repository Permission Weakness
18702 SuSE Linux Kernel Unspecified Stack Fault Exception Local DoS
17546 Linux Kernel on 64Bit ptrace Function Local Overflow
17479 Linux Kernel ptrace / restore_sigcontext ar.rsc Access Issue
15214 Linux Kernel NFS Client O_DIRECT DoS
15084 Linux Kernel bluez_sock_create() Local Underflow
13052 Red Hat RHEL 3 Audit Subsystem DoS
12791 Linux Kernel sys_uselib Binary Format Loader Local Privilege Escalation
12422 Samba smbd Security Descriptor Parsing Remote Overflow
11991 X11 libXpm Multiple Unspecified Loops / Leaks DoS
11990 X11 libXpm Unspecified Path Traversal
11989 X11 libXpm Unspecified Out-of-bounds Memory DoS
11988 X11 libXpm Unspecified Multiple Overflows
11985 Linux Kernel smb Filesystem smb_receive_trans2 Arbitrary Memory Disclosure
11984 Linux Kernel smb Filesystem smb_proc_readX_data DoS
11983 Linux Kernel smb Filesystem smb_receive_trans2 Overflow
11982 Linux Kernel smb Filesystem smb_proc_readX Arbitrary Memory Disclosure
11981 Linux Kernel smb Filesystem smb_proc_read(X) Overflow
11600 Linux Kernel ELF Binary Loader open_exec() Binary Read Permission Error
11599 Linux Kernel ELF Binary Loader Interpreter Name String Parsing Issue
11598 Linux Kernel ELF Binary Loader mmap() Failure Handling Issue

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2009-10-10 Name : SLES9: Security update for libtiff
File : nvt/sles9p5017742.nasl
2009-10-10 Name : SLES9: Security update for Linux kernel core
File : nvt/sles9p5014380.nasl
2009-10-10 Name : SLES9: Security update for Mozilla
File : nvt/sles9p5012017.nasl
2009-10-10 Name : SLES9: Security update for cyrus-sasl
File : nvt/sles9p5011476.nasl
2009-10-10 Name : SLES9: Security update for Linux kernel
File : nvt/sles9p5010817.nasl
2009-06-03 Name : Solaris Update for sdtimage 114220-11
File : nvt/gb_solaris_114220_11.nasl
2009-06-03 Name : Solaris Update for CDE 1.5 114219-11
File : nvt/gb_solaris_114219_11.nasl
2009-06-03 Name : Solaris Update for sdtimage 109932-10
File : nvt/gb_solaris_109932_10.nasl
2009-06-03 Name : Solaris Update for CDE 1.4 109931-10
File : nvt/gb_solaris_109931_10.nasl
2009-04-09 Name : Mandriva Update for kernel MDKSA-2007:060 (kernel)
File : nvt/gb_mandriva_MDKSA_2007_060.nasl
2009-04-09 Name : Mandriva Update for xfsdump MDKSA-2007:134 (xfsdump)
File : nvt/gb_mandriva_MDKSA_2007_134.nasl
2009-04-09 Name : Mandriva Update for kernel MDKSA-2007:078 (kernel)
File : nvt/gb_mandriva_MDKSA_2007_078.nasl
2009-03-23 Name : Ubuntu Update for xfsdump vulnerability USN-516-1
File : nvt/gb_ubuntu_USN_516_1.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200412-17 (kfax)
File : nvt/glsa_200412_17.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200409-26 (Mozilla)
File : nvt/glsa_200409_26.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200502-06 (lesstif)
File : nvt/glsa_200502_06.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200502-07 (openmotif)
File : nvt/glsa_200502_07.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200703-17 (ulogd)
File : nvt/glsa_200703_17.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200410-11 (tiff)
File : nvt/glsa_200410_11.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200411-28 (X.Org, XFree86)
File : nvt/glsa_200411_28.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200412-02 (PDFlib)
File : nvt/glsa_200412_02.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200412-13 (Samba)
File : nvt/glsa_200412_13.nasl
2008-09-04 Name : FreeBSD Ports: tiff
File : nvt/freebsd_tiff3.nasl
2008-09-04 Name : FreeBSD Ports: tiff
File : nvt/freebsd_tiff2.nasl
2008-09-04 Name : FreeBSD Ports: thunderbird
File : nvt/freebsd_thunderbird5.nasl

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 SMB NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt
RuleID : 4674 - Type : NETBIOS - Revision : 4
2014-01-10 SMB NT Trans NT SET SECURITY DESC unicode DACL overflow attempt
RuleID : 4673 - Type : NETBIOS - Revision : 4
2014-01-10 SMB NT Trans NT SET SECURITY DESC andx DACL overflow attempt
RuleID : 4672 - Type : NETBIOS - Revision : 4
2014-01-10 SMB NT Trans NT SET SECURITY DESC DACL overflow attempt
RuleID : 4671 - Type : NETBIOS - Revision : 4
2014-01-10 SMB-DS NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt
RuleID : 4670 - Type : NETBIOS - Revision : 3
2014-01-10 SMB-DS NT Trans NT SET SECURITY DESC unicode DACL overflow attempt
RuleID : 4669 - Type : NETBIOS - Revision : 3
2014-01-10 SMB-DS NT Trans NT SET SECURITY DESC andx DACL overflow attempt
RuleID : 4668 - Type : NETBIOS - Revision : 3
2014-01-10 SMB-DS NT Trans NT SET SECURITY DESC DACL overflow attempt
RuleID : 4667 - Type : NETBIOS - Revision : 3
2014-01-10 SMB NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt
RuleID : 4666 - Type : NETBIOS - Revision : 2
2014-01-10 SMB NT Trans NT SET SECURITY DESC unicode DACL overflow attempt
RuleID : 4665 - Type : NETBIOS - Revision : 2
2014-01-10 SMB NT Trans NT SET SECURITY DESC andx DACL overflow attempt
RuleID : 4664 - Type : NETBIOS - Revision : 2
2014-01-10 SMB NT Trans NT SET SECURITY DESC DACL overflow attempt
RuleID : 4663 - Type : NETBIOS - Revision : 2
2014-01-10 SMB NT Trans NT SET SECURITY DESC unicode andx SACL overflow attempt
RuleID : 4662 - Type : NETBIOS - Revision : 4
2014-01-10 SMB NT Trans NT SET SECURITY DESC unicode SACL overflow attempt
RuleID : 4661 - Type : NETBIOS - Revision : 4
2014-01-10 SMB NT Trans NT SET SECURITY DESC andx SACL overflow attempt
RuleID : 4660 - Type : NETBIOS - Revision : 4
2014-01-10 SMB NT Trans NT SET SECURITY DESC SACL overflow attempt
RuleID : 4659 - Type : NETBIOS - Revision : 4
2014-01-10 SMB-DS NT Trans NT SET SECURITY DESC unicode andx SACL overflow attempt
RuleID : 4658 - Type : NETBIOS - Revision : 3
2014-01-10 SMB-DS NT Trans NT SET SECURITY DESC unicode SACL overflow attempt
RuleID : 4657 - Type : NETBIOS - Revision : 3
2014-01-10 SMB-DS NT Trans NT SET SECURITY DESC andx SACL overflow attempt
RuleID : 4656 - Type : NETBIOS - Revision : 3
2014-01-10 SMB-DS NT Trans NT SET SECURITY DESC SACL overflow attempt
RuleID : 4655 - Type : NETBIOS - Revision : 3
2014-01-10 SMB NT Trans NT SET SECURITY DESC unicode andx SACL overflow attempt
RuleID : 4654 - Type : NETBIOS - Revision : 2
2014-01-10 SMB NT Trans NT SET SECURITY DESC unicode SACL overflow attempt
RuleID : 4653 - Type : NETBIOS - Revision : 2
2014-01-10 SMB NT Trans NT SET SECURITY DESC andx SACL overflow attempt
RuleID : 4652 - Type : NETBIOS - Revision : 2
2014-01-10 SMB NT Trans NT SET SECURITY DESC SACL overflow attempt
RuleID : 4651 - Type : NETBIOS - Revision : 2
2018-01-17 Mozilla Firefox buffer overflow attempt
RuleID : 45172 - Type : BROWSER-FIREFOX - Revision : 1

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2010-01-10 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2008-0524.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_3897a2f81d5711d9bc4a000c41e2cdad.nasl - Type: ACT_GATHER_INFO
2007-11-10 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-516-1.nasl - Type: ACT_GATHER_INFO
2007-06-27 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2007-134.nasl - Type: ACT_GATHER_INFO
2007-06-18 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1304.nasl - Type: ACT_GATHER_INFO
2007-05-03 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1286.nasl - Type: ACT_GATHER_INFO
2007-04-05 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2007-078.nasl - Type: ACT_GATHER_INFO
2007-03-19 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200703-17.nasl - Type: ACT_GATHER_INFO
2007-03-12 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2007-060.nasl - Type: ACT_GATHER_INFO
2007-02-18 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2004-111.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1018.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1067.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1069.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1070.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1082.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-921.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-922.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-293.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-366.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-514.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-021.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-354.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-663.nasl - Type: ACT_GATHER_INFO
2006-02-05 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2006-0191.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-103-1.nasl - Type: ACT_GATHER_INFO