This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Suse First view 2000-05-02
Product Suse Linux Last view 2007-02-15
Version 6.3 Type Os
Update alpha  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:suse:suse_linux

Activity : Overall

Related : CVE

  Date Alert Description
10 2007-02-15 CVE-2007-0980

Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obtain unauthorized access via unspecified vectors.

10 2007-01-23 CVE-2007-0460

Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations."

7.5 2005-04-27 CVE-2005-0206

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

5 2005-04-14 CVE-2005-1043

exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.

7.5 2005-03-02 CVE-2005-0639

Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files.

7.5 2005-03-02 CVE-2005-0638

xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.

7.5 2005-03-02 CVE-2005-0605

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.

4.6 2005-01-21 CVE-2004-1184

The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.

5 2004-12-31 CVE-2004-1491

Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry.

7.2 2002-12-31 CVE-2002-2259

Buffer overflow in the French documentation patch for Gnuplot 3.7 in SuSE Linux before 8.0 allows local users to execute arbitrary code as root via unknown attack vectors.

5 2000-11-14 CVE-2000-0869

The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method.

10 2000-10-20 CVE-2000-0800

String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges.

10 2000-07-16 CVE-2000-0666

rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.

10 2000-07-10 CVE-2000-0614

Tnef program in Linux systems allows remote attackers to overwrite arbitrary files via TNEF encoded compressed attachments which specify absolute path names for the decompressed output.

4.6 2000-05-02 CVE-2000-0433

The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles.

2.1 2000-05-02 CVE-2000-0293

aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory.

CWE : Common Weakness Enumeration

%idName
100% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Open Source Vulnerability Database (OSVDB)

id Description
60139 Gnuplot French Documentation Patch Unspecified Local Overflow
57715 Linux knfsd / linuxnfs rpc.kstatd Remote Format String
33201 HP Serviceguard for Linux Unspecified Remote Access
32939 ulogd Multiple Unspecified Overflows
16894 Xpdf Integer Overflow Patch 64 Bit Architecture Failure
15630 PHP EXIF Header Large IFD Nesting Level DoS
14373 libXpm XPM Image GetImagePixels() / PutImagePixels() Overflow
14366 xli Unspecified Image Properties Overflow
14357 xloadimage Compressed Image Filename Shell Metacharacter Arbitrary Command Ex...
13695 Linux Tnef Compressed Attachment Arbitrary File Overwrite
13684 SuSE Linux aaa_base Package Default Account /tmp Home Directory Privilege Esc...
13645 SuSE Linux aaa_base Arbitrary File Deletion
13154 GNU Enscript EPSF Pipe Support Arbitrary Command Execution
12399 Opera for Linux kfmclient Arbitrary Command Execution
443 Linux nfs-utils rpc.statd Remote Format String
404 Apache HTTP Server on SuSE Linux WebDAV PROPFIND Arbitrary Directory Listing

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2011-09-09 Name : Nfs-utils rpc.statd Multiple Remote Format String Vulnerabilities
File : nvt/secpod_nfs_rpc_statd_mult_format_string_vuln.nasl
2010-05-12 Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002
File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl
2010-02-03 Name : Solaris Update for Runtime library for Solaris 10 119281-22
File : nvt/gb_solaris_119281_22.nasl
2010-02-03 Name : Solaris Update for CDE 1.6 119280-22
File : nvt/gb_solaris_119280_22.nasl
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-10 Name : SLES9: Security update for PHP4
File : nvt/sles9p5021688.nasl
2009-10-10 Name : SLES9: Security update for PHP4
File : nvt/sles9p5021505.nasl
2009-10-10 Name : SLES9: Security update for XFree86-libs
File : nvt/sles9p5016773.nasl
2009-10-10 Name : SLES9: Security update for PHP4
File : nvt/sles9p5015816.nasl
2009-10-10 Name : SLES9: Security update for enscript
File : nvt/sles9p5011436.nasl
2009-03-06 Name : RedHat Update for cups RHSA-2008:0206-01
File : nvt/gb_RHSA-2008_0206-01_cups.nasl
2009-02-27 Name : CentOS Update for cups CESA-2008:0206 centos4 x86_64
File : nvt/gb_CESA-2008_0206_cups_centos4_x86_64.nasl
2009-02-27 Name : CentOS Update for cups CESA-2008:0206 centos3 x86_64
File : nvt/gb_CESA-2008_0206_cups_centos3_x86_64.nasl
2009-02-27 Name : CentOS Update for cups CESA-2008:0206 centos3 i386
File : nvt/gb_CESA-2008_0206_cups_centos3_i386.nasl
2009-02-27 Name : CentOS Update for cups CESA-2008:0206 centos4 i386
File : nvt/gb_CESA-2008_0206_cups_centos4_i386.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200504-15 (PHP)
File : nvt/glsa_200504_15.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200703-17 (ulogd)
File : nvt/glsa_200703_17.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200503-15 (X.org)
File : nvt/glsa_200503_15.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200503-08 (openmotif)
File : nvt/glsa_200503_08.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200502-17 (Opera)
File : nvt/glsa_200502_17.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200502-03 (enscript)
File : nvt/glsa_200502_03.nasl
2008-09-04 Name : FreeBSD Ports: xli
File : nvt/freebsd_xli1.nasl
2008-09-04 Name : FreeBSD Ports: xli
File : nvt/freebsd_xli0.nasl
2008-09-04 Name : FreeBSD Ports: opera, opera-devel, linux-opera
File : nvt/freebsd_opera0.nasl
2008-09-04 Name : FreeBSD Ports: enscript-a4, enscript-letter, enscript-letterdj
File : nvt/freebsd_enscript-a4.nasl

Snort® IPS/IDS

Date Description
2014-01-10 STATD TCP monitor mon_name format string exploit attempt
RuleID : 1916-community - Type : PROTOCOL-RPC - Revision : 17
2014-01-10 STATD TCP monitor mon_name format string exploit attempt
RuleID : 1916 - Type : PROTOCOL-RPC - Revision : 17
2014-01-10 STATD UDP monitor mon_name format string exploit attempt
RuleID : 1915-community - Type : PROTOCOL-RPC - Revision : 19
2014-01-10 STATD UDP monitor mon_name format string exploit attempt
RuleID : 1915 - Type : PROTOCOL-RPC - Revision : 19
2014-01-10 STATD TCP stat mon_name format string exploit attempt
RuleID : 1914-community - Type : PROTOCOL-RPC - Revision : 18
2014-01-10 STATD TCP stat mon_name format string exploit attempt
RuleID : 1914 - Type : PROTOCOL-RPC - Revision : 18
2014-01-10 STATD UDP stat mon_name format string exploit attempt
RuleID : 1913-community - Type : PROTOCOL-RPC - Revision : 20
2014-01-10 STATD UDP stat mon_name format string exploit attempt
RuleID : 1913 - Type : PROTOCOL-RPC - Revision : 20
2014-01-10 status GHBN format string attack
RuleID : 1891-community - Type : PROTOCOL-RPC - Revision : 17
2014-01-10 status GHBN format string attack
RuleID : 1891 - Type : PROTOCOL-RPC - Revision : 17
2014-01-10 status GHBN format string attack
RuleID : 1890-community - Type : PROTOCOL-RPC - Revision : 18
2014-01-10 status GHBN format string attack
RuleID : 1890 - Type : PROTOCOL-RPC - Revision : 18
2014-01-10 Microsoft Windows WebDAV propfind access
RuleID : 1079-community - Type : OS-WINDOWS - Revision : 24
2014-01-10 Microsoft Windows WebDAV propfind access
RuleID : 1079 - Type : OS-WINDOWS - Revision : 24

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2008-0206.nasl - Type: ACT_GATHER_INFO
2013-06-29 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2005-332-01.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2000-021.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-056.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-044.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2005-043.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2005-042.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-041.nasl - Type: ACT_GATHER_INFO
2010-01-10 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2008-0524.nasl - Type: ACT_GATHER_INFO
2010-01-10 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2008-0261.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_9867.nasl - Type: ACT_GATHER_INFO
2009-05-13 Name: The remote host is missing a Mac OS X update that fixes various security issues.
File: macosx_10_5_7.nasl - Type: ACT_GATHER_INFO
2009-05-13 Name: The remote host is missing a Mac OS X update that fixes various security issues.
File: macosx_SecUpd2009-002.nasl - Type: ACT_GATHER_INFO
2008-04-04 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2008-0206.nasl - Type: ACT_GATHER_INFO
2008-04-04 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2008-0206.nasl - Type: ACT_GATHER_INFO
2007-03-19 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200703-17.nasl - Type: ACT_GATHER_INFO
2007-01-08 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-406.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2005-332.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-198.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-331.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-405.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-412.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-97-1.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-92-1.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-68-1.nasl - Type: ACT_GATHER_INFO