This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Suse First view 1999-02-18
Product Suse Linux Last view 2007-02-15
Version 6.0 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:suse:suse_linux

Activity : Overall

Related : CVE

  Date Alert Description
10 2007-02-15 CVE-2007-0980

Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obtain unauthorized access via unspecified vectors.

10 2007-01-23 CVE-2007-0460

Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations."

7.5 2005-04-27 CVE-2005-0206

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

5 2005-04-14 CVE-2005-1043

exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.

7.5 2005-03-02 CVE-2005-0639

Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files.

7.5 2005-03-02 CVE-2005-0638

xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.

4.6 2005-01-21 CVE-2004-1184

The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.

5 2004-12-31 CVE-2004-1491

Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry.

7.2 2002-12-31 CVE-2002-2259

Buffer overflow in the French documentation patch for Gnuplot 3.7 in SuSE Linux before 8.0 allows local users to execute arbitrary code as root via unknown attack vectors.

7.5 2001-10-18 CVE-2001-0763

Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function.

4.6 2001-09-20 CVE-2001-0641

Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option.

7.5 2001-08-02 CVE-2001-1130

Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by uploading a keylist.txt file that contains filenames with shell metacharacters, then causing the file to be searched using a .. in the HTTP referer (from the HTTP_REFERER variable) to point to the directory that contains the keylist.txt file.

2.1 2001-03-26 CVE-2001-0178

kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.

5 2001-01-09 CVE-2000-1107

in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash.

5 2000-11-14 CVE-2000-0869

The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method.

7.2 2000-05-22 CVE-2000-0438

Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter.

2.1 2000-05-02 CVE-2000-0293

aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory.

7.2 2000-03-22 CVE-2000-0229

gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.

7.2 2000-03-16 CVE-2000-0231

Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges.

7.5 1999-08-25 CVE-1999-0768

Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable.

5 1999-08-16 CVE-1999-0746

A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service.

4.6 1999-03-21 CVE-1999-0433

XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.

10 1999-03-01 CVE-1999-0426

The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing.

2.1 1999-02-18 CVE-1999-1495

xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary files via a symlink attack on the pic000.pnm file.

7.2 1999-02-18 CVE-1999-0405

A buffer overflow in lsof allows local users to obtain root privilege.

CWE : Common Weakness Enumeration

%idName
100% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs
CAPEC-19 Embedding Scripts within Scripts
CAPEC-81 Web Logs Tampering

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
60139 Gnuplot French Documentation Patch Unspecified Local Overflow
33201 HP Serviceguard for Linux Unspecified Remote Access
32939 ulogd Multiple Unspecified Overflows
16894 Xpdf Integer Overflow Patch 64 Bit Architecture Failure
15630 PHP EXIF Header Large IFD Nesting Level DoS
14366 xli Unspecified Image Properties Overflow
14357 xloadimage Compressed Image Filename Shell Metacharacter Arbitrary Command Ex...
13645 SuSE Linux aaa_base Arbitrary File Deletion
13540 SuSE Linux xtvscreen pic000.pnm Symlink Arbitrary File Overwrite
13154 GNU Enscript EPSF Pipe Support Arbitrary Command Execution
12399 Opera for Linux kfmclient Arbitrary Command Execution
7550 cron MAILTO Overflow Privilege Escalation
7174 KDE2 kdesu Insecure Socket Password Disclosure
5542 xinetd Long Ident Response Overflow
3163 lsof Unspecified Local Overflow
1821 man -S Option Local Overflow
1670 SuSE in.identd Long Request DoS
1347 Multiple Linux Vendor fdmount Buffer Overflow
1262 gpm gpm-root Privilege Drop Failure
1259 Linux kreatecd Path Subversion Privilege Escalation
1058 Vixie Cron MAILTO Environement Variable Overflow
1042 Linux Kernel TCP Connection Spoofing
975 X11R6 startx Symlink Arbitrary File Creation
598 SuSE Support Data Base sbsearch.cgi Arbitrary Command Execution
459 SuSE Linux in.identd Request Saturation DoS

OpenVAS Exploits

id Description
2010-05-12 Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002
File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-10 Name : SLES9: Security update for PHP4
File : nvt/sles9p5021688.nasl
2009-10-10 Name : SLES9: Security update for PHP4
File : nvt/sles9p5021505.nasl
2009-10-10 Name : SLES9: Security update for PHP4
File : nvt/sles9p5015816.nasl
2009-10-10 Name : SLES9: Security update for enscript
File : nvt/sles9p5011436.nasl
2009-03-06 Name : RedHat Update for cups RHSA-2008:0206-01
File : nvt/gb_RHSA-2008_0206-01_cups.nasl
2009-02-27 Name : CentOS Update for cups CESA-2008:0206 centos3 i386
File : nvt/gb_CESA-2008_0206_cups_centos3_i386.nasl
2009-02-27 Name : CentOS Update for cups CESA-2008:0206 centos3 x86_64
File : nvt/gb_CESA-2008_0206_cups_centos3_x86_64.nasl
2009-02-27 Name : CentOS Update for cups CESA-2008:0206 centos4 i386
File : nvt/gb_CESA-2008_0206_cups_centos4_i386.nasl
2009-02-27 Name : CentOS Update for cups CESA-2008:0206 centos4 x86_64
File : nvt/gb_CESA-2008_0206_cups_centos4_x86_64.nasl
2008-10-24 Name : sdbsearch.cgi
File : nvt/sdbsearch.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200504-15 (PHP)
File : nvt/glsa_200504_15.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200703-17 (ulogd)
File : nvt/glsa_200703_17.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200502-17 (Opera)
File : nvt/glsa_200502_17.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200502-03 (enscript)
File : nvt/glsa_200502_03.nasl
2008-09-04 Name : FreeBSD Ports: xli
File : nvt/freebsd_xli1.nasl
2008-09-04 Name : FreeBSD Ports: xli
File : nvt/freebsd_xli0.nasl
2008-09-04 Name : FreeBSD Ports: opera, opera-devel, linux-opera
File : nvt/freebsd_opera0.nasl
2008-09-04 Name : FreeBSD Ports: enscript-a4, enscript-letter, enscript-letterdj
File : nvt/freebsd_enscript-a4.nasl
2008-01-17 Name : Debian Security Advisory DSA 063-1 (xinetd)
File : nvt/deb_063_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 695-1 (xli)
File : nvt/deb_695_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 694-1 (xloadimage)
File : nvt/deb_694_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 654-1 (enscript)
File : nvt/deb_654_1.nasl

Snort® IPS/IDS

Date Description
2014-01-10 sdbsearch.cgi access
RuleID : 1476-community - Type : SERVER-WEBAPP - Revision : 21
2014-01-10 sdbsearch.cgi access
RuleID : 1476 - Type : SERVER-WEBAPP - Revision : 21
2014-01-10 Microsoft Windows WebDAV propfind access
RuleID : 1079-community - Type : OS-WINDOWS - Revision : 24
2014-01-10 Microsoft Windows WebDAV propfind access
RuleID : 1079 - Type : OS-WINDOWS - Revision : 24

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2008-0206.nasl - Type: ACT_GATHER_INFO
2013-06-29 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2005-332-01.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-056.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2005-043.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2005-042.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-041.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-044.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2001-018.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2000-002.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_9867.nasl - Type: ACT_GATHER_INFO
2009-05-13 Name: The remote host is missing a Mac OS X update that fixes various security issues.
File: macosx_10_5_7.nasl - Type: ACT_GATHER_INFO
2009-05-13 Name: The remote host is missing a Mac OS X update that fixes various security issues.
File: macosx_SecUpd2009-002.nasl - Type: ACT_GATHER_INFO
2008-04-04 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2008-0206.nasl - Type: ACT_GATHER_INFO
2008-04-04 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2008-0206.nasl - Type: ACT_GATHER_INFO
2007-03-19 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200703-17.nasl - Type: ACT_GATHER_INFO
2007-01-08 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-406.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2005-332.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-405.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-112-1.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-68-1.nasl - Type: ACT_GATHER_INFO
2005-09-12 Name: The remote Fedora Core host is missing a security update.
File: fedora_2005-315.nasl - Type: ACT_GATHER_INFO
2005-09-12 Name: The remote Fedora Core host is missing a security update.
File: fedora_2005-237.nasl - Type: ACT_GATHER_INFO
2005-07-13 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_d8e55d6581d611d9a9e70001020eed82.nasl - Type: ACT_GATHER_INFO
2005-07-13 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_bfbbd5053bd6409c8c67445d3635cf4b.nasl - Type: ACT_GATHER_INFO
2005-07-13 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_72da8af67c7511d98cc5000854d03344.nasl - Type: ACT_GATHER_INFO