This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Suse First view 2006-12-20
Product Suse Linux Last view 2007-10-14
Version 10 Type Os
Update *  
Edition enterprise_desktop  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:suse:suse_linux

Activity : Overall

Related : CVE

  Date Alert Description
7.5 2007-10-14 CVE-2007-5196

Unspecified vulnerability in the SSL implementation in Groupwise client system in the novell-groupwise-client package in SUSE Linux Enterprise Desktop 10 allows remote attackers to obtain credentials via a man-in-the-middle attack, a different vulnerability than CVE-2007-5195.

6.8 2007-10-14 CVE-2007-5195

Unspecified vulnerability in the SSL implementation in Groupwise client system in the novell-groupwise-client package in SUSE Linux Enterprise Desktop 10 allows remote attackers to obtain credentials via a man-in-the-middle attack, a different vulnerability than CVE-2007-5196.

4.6 2007-08-20 CVE-2007-4432

Untrusted search path vulnerability in the wrapper scripts for the (1) rug, (2) zen-updater, (3) zen-installer, and (4) zen-remover programs on SUSE Linux 10.1 and Enterprise 10 allows local users to gain privileges via modified (a) LD_LIBRARY_PATH and (b) MONO_GAC_PREFIX environment variables.

10 2007-01-23 CVE-2007-0460

Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations."

4.1 2006-12-20 CVE-2006-6662

Unspecified vulnerability in Linux User Management (novell-lum) on SUSE Linux Enterprise Desktop 10 and Open Enterprise Server 9, under unspecified conditions, allows local users to log in to the console without a password.

CWE : Common Weakness Enumeration

%idName
33% (2) CWE-310 Cryptographic Issues
33% (2) CWE-200 Information Exposure
16% (1) CWE-264 Permissions, Privileges, and Access Controls
16% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-21 Exploitation of Session Variables, Resource IDs and other Trusted Credentials
CAPEC-31 Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-167 Lifting Sensitive Data from the Client

Open Source Vulnerability Database (OSVDB)

id Description
46784 SUSE Linux zen-remover Wrapper Script Search Path Subversion Local Privilege ...
46783 SUSE Linux zen-installer Wrapper Script Search Path Subversion Local Privileg...
46782 SUSE Linux zen-updater Wrapper Script Search Path Subversion Local Privilege ...
46781 SUSE Linux rug Wrapper Script Search Path Subversion Local Privilege Escalation
45492 Groupwise Client System on SUSE Linux Enterprise Desktop Unspecified MitM Cre...
45491 Groupwise Client System on SUSE Linux Enterprise Desktop Unspecified MitM Cre...
35231 Linux User Management (novell-lum) on SUSE Linux Local Privilege Escalation
32939 ulogd Multiple Unspecified Overflows

OpenVAS Exploits

id Description
2008-09-24 Name : Gentoo Security Advisory GLSA 200703-17 (ulogd)
File : nvt/glsa_200703_17.nasl

Nessus® Vulnerability Scanner

id Description
2007-12-13 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_novell-groupwise-gwclient-4494.nasl - Type: ACT_GATHER_INFO
2007-03-19 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200703-17.nasl - Type: ACT_GATHER_INFO