Summary
| Detail | |||
|---|---|---|---|
| Vendor | Suse | First view | 2002-08-12 |
| Product | Suse Linux | Last view | 2007-02-15 |
| Version | 8.0 | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:suse:suse_linux | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 10 | 2007-02-15 | CVE-2007-0980 | Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obtain unauthorized access via unspecified vectors. |
| 10 | 2007-01-23 | CVE-2007-0460 | Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations." |
| 7.5 | 2005-05-02 | CVE-2005-0337 | Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname. |
| 7.5 | 2005-05-02 | CVE-2005-0005 | Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. |
| 7.5 | 2005-04-27 | CVE-2005-0206 | The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. |
| 6.8 | 2005-04-27 | CVE-2005-0085 | Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message. |
| 5 | 2005-04-14 | CVE-2005-1043 | exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion. |
| 7.5 | 2005-04-14 | CVE-2004-1176 | Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. |
| 7.5 | 2005-04-14 | CVE-2004-1175 | fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. |
| 5 | 2005-04-14 | CVE-2004-1174 | direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles." |
| 5 | 2005-04-14 | CVE-2004-1093 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." |
| 5 | 2005-04-14 | CVE-2004-1092 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory. |
| 5 | 2005-04-14 | CVE-2004-1091 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference. |
| 5 | 2005-04-14 | CVE-2004-1090 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header." |
| 5 | 2005-04-14 | CVE-2004-1009 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. |
| 7.5 | 2005-04-14 | CVE-2004-1005 | Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. |
| 7.5 | 2005-04-14 | CVE-2004-1004 | Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. |
| 7.5 | 2005-03-02 | CVE-2005-0639 | Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files. |
| 7.5 | 2005-03-02 | CVE-2005-0638 | xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command. |
| 7.5 | 2005-03-02 | CVE-2005-0605 | scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow. |
| 10 | 2005-03-01 | CVE-2004-0990 | Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941. |
| 10 | 2005-02-09 | CVE-2004-0981 | Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file. |
| 6.8 | 2005-02-09 | CVE-2004-0957 | Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities. |
| 6.9 | 2005-02-09 | CVE-2004-0940 | Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. |
| 2.1 | 2005-02-07 | CVE-2005-0156 | Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 100% (2) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-15 | Command Delimiters |
| CAPEC-47 | Buffer Overflow via Parameter Expansion |
| CAPEC-100 | Overflow Buffers |
| CAPEC-123 | Buffer Attacks |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 44330 | CUPS on Red Hat 64-bit pdftops Crafted PDF File Handling Overflow |
| 33201 | HP Serviceguard for Linux Unspecified Remote Access |
| 32939 | ulogd Multiple Unspecified Overflows |
| 16894 | Xpdf Integer Overflow Patch 64 Bit Architecture Failure |
| 15630 | PHP EXIF Header Large IFD Nesting Level DoS |
| 14444 | ISDN PPP Daemon (ipppd) Unspecified Local Overflows |
| 14373 | libXpm XPM Image GetImagePixels() / PutImagePixels() Overflow |
| 14366 | xli Unspecified Image Properties Overflow |
| 14357 | xloadimage Compressed Image Filename Shell Metacharacter Arbitrary Command Ex... |
| 13735 | MIME-tools MIMEDefang Empty Boundary Content-Type Virus Scan Bypass |
| 13520 | ht://Dig (htdig) config Parameter XSS |
| 13470 | Postfix IPv6 Patch if_inet6 Failure Arbitrary Mail Relay |
| 13452 | Perl PERLIO_DEBUG Local Overflow |
| 13154 | GNU Enscript EPSF Pipe Support Arbitrary Command Execution |
| 13149 | Xpdf Multiple Unspecified Remote Overflows |
| 13028 | ImageMagick PSD Image Decoding Module Overflow |
| 12911 | Midnight Commander Unspecified Underflow DoS |
| 12910 | Midnight Commander Insecure Filename Quoting Arbitrary Command Execution |
| 12909 | Midnight Commander Nonexistent File Descriptor Handling DoS |
| 12908 | Midnight Commander Unspecified Freed Memory DoS |
| 12907 | Midnight Commander Unspecified Unallocated Memory Issue |
| 12906 | Midnight Commander Unspecified Null Dereference DoS |
| 12905 | Midnight Commander Corrupted Selection Header DoS |
| 12904 | Midnight Commander Unspecified Infinite Loop DoS |
| 12903 | Midnight Commander Multiple Unspecified Overflows |
ExploitDB Exploits
| id | Description |
|---|---|
| 718 | Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit |
OpenVAS Exploits
| id | Description |
|---|---|
| 2010-05-12 | Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002 File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl |
| 2010-02-03 | Name : Solaris Update for CDE 1.6 119280-22 File : nvt/gb_solaris_119280_22.nasl |
| 2010-02-03 | Name : Solaris Update for Runtime library for Solaris 10 119281-22 File : nvt/gb_solaris_119281_22.nasl |
| 2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
| 2009-10-10 | Name : SLES9: Security update for ethereal File : nvt/sles9p5010966.nasl |
| 2009-10-10 | Name : SLES9: Security update for enscript File : nvt/sles9p5011436.nasl |
| 2009-10-10 | Name : SLES9: Security update for Midnight Commander File : nvt/sles9p5011441.nasl |
| 2009-10-10 | Name : SLES9: Security update for cyrus-sasl File : nvt/sles9p5011476.nasl |
| 2009-10-10 | Name : SLES9: Security update for kdelibs3 File : nvt/sles9p5011912.nasl |
| 2009-10-10 | Name : SLES9: Security update for Perl File : nvt/sles9p5013510.nasl |
| 2009-10-10 | Name : SLES9: Security update for apache File : nvt/sles9p5014050.nasl |
| 2009-10-10 | Name : SLES9: Security update for imlib File : nvt/sles9p5014360.nasl |
| 2009-10-10 | Name : SLES9: Security update for CUPS File : nvt/sles9p5014529.nasl |
| 2009-10-10 | Name : SLES9: Security update for PHP4 File : nvt/sles9p5015816.nasl |
| 2009-10-10 | Name : SLES9: Security update for MySQL File : nvt/sles9p5015996.nasl |
| 2009-10-10 | Name : SLES9: Security update for XFree86-libs File : nvt/sles9p5016773.nasl |
| 2009-10-10 | Name : SLES9: Security update for ethereal File : nvt/sles9p5016846.nasl |
| 2009-10-10 | Name : SLES9: Security update for htdig File : nvt/sles9p5018082.nasl |
| 2009-10-10 | Name : SLES9: Security update for MySQL File : nvt/sles9p5020865.nasl |
| 2009-10-10 | Name : SLES9: Security update for gd File : nvt/sles9p5021249.nasl |
| 2009-10-10 | Name : SLES9: Security update for PHP4 File : nvt/sles9p5021505.nasl |
| 2009-10-10 | Name : SLES9: Security update for PHP4 File : nvt/sles9p5021688.nasl |
| 2009-03-06 | Name : RedHat Update for cups RHSA-2008:0206-01 File : nvt/gb_RHSA-2008_0206-01_cups.nasl |
| 2009-02-27 | Name : CentOS Update for cups CESA-2008:0206 centos3 i386 File : nvt/gb_CESA-2008_0206_cups_centos3_i386.nasl |
| 2009-02-27 | Name : CentOS Update for cups CESA-2008:0206 centos3 x86_64 File : nvt/gb_CESA-2008_0206_cups_centos3_x86_64.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2019-08-31 | Postfix IPv6 Relaying Security Issue RuleID : 50859 - Type : SERVER-MAIL - Revision : 1 |
| 2015-07-28 | Apache mod_include buffer overflow attempt RuleID : 34973 - Type : SERVER-OTHER - Revision : 2 |
| 2014-12-23 | Microsoft and libpng multiple products PNG large image width overflow attempt RuleID : 32889-community - Type : FILE-IMAGE - Revision : 2 |
| 2015-01-23 | Microsoft and libpng multiple products PNG large image width overflow attempt RuleID : 32889 - Type : FILE-IMAGE - Revision : 2 |
| 2014-01-10 | Microsoft PNG large colour depth download attempt RuleID : 3134-community - Type : FILE-IMAGE - Revision : 14 |
| 2014-01-10 | Microsoft PNG large colour depth download attempt RuleID : 3134 - Type : FILE-IMAGE - Revision : 14 |
| 2014-01-10 | Microsoft Multiple Products PNG large image height download attempt RuleID : 3133-community - Type : FILE-IMAGE - Revision : 15 |
| 2014-01-10 | Microsoft Multiple Products PNG large image height download attempt RuleID : 3133 - Type : FILE-IMAGE - Revision : 15 |
| 2014-01-10 | Microsoft and libpng multiple products PNG large image width overflow attempt RuleID : 3132-community - Type : FILE-IMAGE - Revision : 15 |
| 2014-01-10 | Microsoft and libpng multiple products PNG large image width overflow attempt RuleID : 3132 - Type : FILE-IMAGE - Revision : 15 |
| 2014-01-10 | Microsoft MSN Messenger png overflow RuleID : 3130-community - Type : PUA-OTHER - Revision : 8 |
| 2014-01-10 | Microsoft MSN Messenger png overflow RuleID : 3130 - Type : PUA-OTHER - Revision : 8 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2015-07-16 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_ca139c7f2a8c11e5a4a5002590263bf5.nasl - Type: ACT_GATHER_INFO |
| 2015-01-19 | Name: The remote Solaris system is missing a security patch for third-party software. File: solaris11_perl-58_20131015.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2008-0206.nasl - Type: ACT_GATHER_INFO |
| 2013-06-29 | Name: The remote CentOS host is missing a security update. File: centos_RHSA-2005-332-01.nasl - Type: ACT_GATHER_INFO |
| 2012-09-06 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2005-041.nasl - Type: ACT_GATHER_INFO |
| 2012-09-06 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2005-042.nasl - Type: ACT_GATHER_INFO |
| 2012-09-06 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2005-043.nasl - Type: ACT_GATHER_INFO |
| 2012-09-06 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2005-044.nasl - Type: ACT_GATHER_INFO |
| 2012-09-06 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2005-056.nasl - Type: ACT_GATHER_INFO |
| 2012-08-01 | Name: The remote Scientific Linux host is missing one or more security updates. File: sl_20080401_cups_on_SL3_x.nasl - Type: ACT_GATHER_INFO |
| 2010-01-10 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2008-0261.nasl - Type: ACT_GATHER_INFO |
| 2010-01-10 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2008-0524.nasl - Type: ACT_GATHER_INFO |
| 2009-09-24 | Name: The remote SuSE 9 host is missing a security-related patch. File: suse9_9797.nasl - Type: ACT_GATHER_INFO |
| 2009-09-24 | Name: The remote SuSE 9 host is missing a security-related patch. File: suse9_9833.nasl - Type: ACT_GATHER_INFO |
| 2009-09-24 | Name: The remote SuSE 9 host is missing a security-related patch. File: suse9_9867.nasl - Type: ACT_GATHER_INFO |
| 2009-05-13 | Name: The remote host is missing a Mac OS X update that fixes various security issues. File: macosx_10_5_7.nasl - Type: ACT_GATHER_INFO |
| 2009-05-13 | Name: The remote host is missing a Mac OS X update that fixes various security issues. File: macosx_SecUpd2009-002.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_00644f03fb5811d89837000c41e2cdad.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_622399682f2a11d9a9e70001020eed82.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_6e6a6b8a2fde11d9b3a20050fc56d258.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_ba005226fb5b11d89837000c41e2cdad.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_eeb1c12833e711d9a9e70001020eed82.nasl - Type: ACT_GATHER_INFO |
| 2008-04-04 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2008-0206.nasl - Type: ACT_GATHER_INFO |
| 2008-04-04 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2008-0206.nasl - Type: ACT_GATHER_INFO |
| 2007-03-19 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-200703-17.nasl - Type: ACT_GATHER_INFO |
