Summary
| Detail | |||
|---|---|---|---|
| Vendor | Suse | First view | 2004-08-06 |
| Product | Suse Linux | Last view | 2007-02-15 |
| Version | 8.2 | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:suse:suse_linux | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 10 | 2007-02-15 | CVE-2007-0980 | Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obtain unauthorized access via unspecified vectors. |
| 10 | 2007-01-23 | CVE-2007-0460 | Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations." |
| 7.5 | 2005-05-02 | CVE-2005-0337 | Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname. |
| 2.1 | 2005-05-02 | CVE-2005-0207 | Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT. |
| 7.5 | 2005-05-02 | CVE-2005-0005 | Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. |
| 7.5 | 2005-04-27 | CVE-2005-0206 | The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. |
| 6.8 | 2005-04-27 | CVE-2005-0085 | Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message. |
| 5 | 2005-04-14 | CVE-2005-1043 | exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion. |
| 2.1 | 2005-04-14 | CVE-2004-1237 | Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors. |
| 6.2 | 2005-04-14 | CVE-2004-1235 | Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. |
| 7.5 | 2005-04-14 | CVE-2004-1176 | Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. |
| 7.5 | 2005-04-14 | CVE-2004-1175 | fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. |
| 5 | 2005-04-14 | CVE-2004-1174 | direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles." |
| 5 | 2005-04-14 | CVE-2004-1093 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." |
| 5 | 2005-04-14 | CVE-2004-1092 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory. |
| 5 | 2005-04-14 | CVE-2004-1091 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference. |
| 5 | 2005-04-14 | CVE-2004-1090 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header." |
| 5 | 2005-04-14 | CVE-2004-1009 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. |
| 7.5 | 2005-04-14 | CVE-2004-1005 | Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. |
| 7.5 | 2005-04-14 | CVE-2004-1004 | Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. |
| 5 | 2005-03-15 | CVE-2005-0384 | Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via a pppd client. |
| 7.5 | 2005-03-02 | CVE-2005-0639 | Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files. |
| 7.5 | 2005-03-02 | CVE-2005-0638 | xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command. |
| 7.5 | 2005-03-02 | CVE-2005-0605 | scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow. |
| 10 | 2005-03-01 | CVE-2004-0990 | Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 66% (2) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 33% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-15 | Command Delimiters |
| CAPEC-47 | Buffer Overflow via Parameter Expansion |
| CAPEC-100 | Overflow Buffers |
| CAPEC-123 | Buffer Attacks |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 44330 | CUPS on Red Hat 64-bit pdftops Crafted PDF File Handling Overflow |
| 33201 | HP Serviceguard for Linux Unspecified Remote Access |
| 32939 | ulogd Multiple Unspecified Overflows |
| 16894 | Xpdf Integer Overflow Patch 64 Bit Architecture Failure |
| 15630 | PHP EXIF Header Large IFD Nesting Level DoS |
| 15414 | SuSE Linux SCSI Device Firmware Modification |
| 15214 | Linux Kernel NFS Client O_DIRECT DoS |
| 14810 | Linux Kernel Malformed PPP Packet Remote DoS |
| 14373 | libXpm XPM Image GetImagePixels() / PutImagePixels() Overflow |
| 14366 | xli Unspecified Image Properties Overflow |
| 14357 | xloadimage Compressed Image Filename Shell Metacharacter Arbitrary Command Ex... |
| 13735 | MIME-tools MIMEDefang Empty Boundary Content-Type Virus Scan Bypass |
| 13520 | ht://Dig (htdig) config Parameter XSS |
| 13470 | Postfix IPv6 Patch if_inet6 Failure Arbitrary Mail Relay |
| 13452 | Perl PERLIO_DEBUG Local Overflow |
| 13154 | GNU Enscript EPSF Pipe Support Arbitrary Command Execution |
| 13149 | Xpdf Multiple Unspecified Remote Overflows |
| 13052 | Red Hat RHEL 3 Audit Subsystem DoS |
| 13028 | ImageMagick PSD Image Decoding Module Overflow |
| 12911 | Midnight Commander Unspecified Underflow DoS |
| 12910 | Midnight Commander Insecure Filename Quoting Arbitrary Command Execution |
| 12909 | Midnight Commander Nonexistent File Descriptor Handling DoS |
| 12908 | Midnight Commander Unspecified Freed Memory DoS |
| 12907 | Midnight Commander Unspecified Unallocated Memory Issue |
| 12906 | Midnight Commander Unspecified Null Dereference DoS |
ExploitDB Exploits
| id | Description |
|---|---|
| 718 | Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit |
OpenVAS Exploits
| id | Description |
|---|---|
| 2010-05-12 | Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002 File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl |
| 2010-02-03 | Name : Solaris Update for CDE 1.6 119280-22 File : nvt/gb_solaris_119280_22.nasl |
| 2010-02-03 | Name : Solaris Update for Runtime library for Solaris 10 119281-22 File : nvt/gb_solaris_119281_22.nasl |
| 2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
| 2009-10-10 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5010817.nasl |
| 2009-10-10 | Name : SLES9: Security update for openmotif File : nvt/sles9p5010938.nasl |
| 2009-10-10 | Name : SLES9: Security update for ethereal File : nvt/sles9p5010966.nasl |
| 2009-10-10 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5011171.nasl |
| 2009-10-10 | Name : SLES9: Security update for enscript File : nvt/sles9p5011436.nasl |
| 2009-10-10 | Name : SLES9: Security update for Midnight Commander File : nvt/sles9p5011441.nasl |
| 2009-10-10 | Name : SLES9: Security update for cyrus-sasl File : nvt/sles9p5011476.nasl |
| 2009-10-10 | Name : SLES9: Security update for kdelibs3 File : nvt/sles9p5011912.nasl |
| 2009-10-10 | Name : SLES9: Security update for Mozilla File : nvt/sles9p5012017.nasl |
| 2009-10-10 | Name : SLES9: Security update for Perl File : nvt/sles9p5013510.nasl |
| 2009-10-10 | Name : SLES9: Security update for apache File : nvt/sles9p5014050.nasl |
| 2009-10-10 | Name : SLES9: Security update for imlib File : nvt/sles9p5014360.nasl |
| 2009-10-10 | Name : SLES9: Security update for Linux kernel core File : nvt/sles9p5014380.nasl |
| 2009-10-10 | Name : SLES9: Security update for CUPS File : nvt/sles9p5014529.nasl |
| 2009-10-10 | Name : SLES9: Security update for OpenMotif File : nvt/sles9p5014940.nasl |
| 2009-10-10 | Name : SLES9: Security update for PHP4 File : nvt/sles9p5015816.nasl |
| 2009-10-10 | Name : SLES9: Security update for MySQL File : nvt/sles9p5015996.nasl |
| 2009-10-10 | Name : SLES9: Security update for XFree86-libs File : nvt/sles9p5016773.nasl |
| 2009-10-10 | Name : SLES9: Security update for ethereal File : nvt/sles9p5016846.nasl |
| 2009-10-10 | Name : SLES9: Security update for libtiff File : nvt/sles9p5017742.nasl |
| 2009-10-10 | Name : SLES9: Security update for htdig File : nvt/sles9p5018082.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2019-08-31 | Postfix IPv6 Relaying Security Issue RuleID : 50859 - Type : SERVER-MAIL - Revision : 1 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt RuleID : 4674 - Type : NETBIOS - Revision : 4 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC unicode DACL overflow attempt RuleID : 4673 - Type : NETBIOS - Revision : 4 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC andx DACL overflow attempt RuleID : 4672 - Type : NETBIOS - Revision : 4 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC DACL overflow attempt RuleID : 4671 - Type : NETBIOS - Revision : 4 |
| 2014-01-10 | SMB-DS NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt RuleID : 4670 - Type : NETBIOS - Revision : 3 |
| 2014-01-10 | SMB-DS NT Trans NT SET SECURITY DESC unicode DACL overflow attempt RuleID : 4669 - Type : NETBIOS - Revision : 3 |
| 2014-01-10 | SMB-DS NT Trans NT SET SECURITY DESC andx DACL overflow attempt RuleID : 4668 - Type : NETBIOS - Revision : 3 |
| 2014-01-10 | SMB-DS NT Trans NT SET SECURITY DESC DACL overflow attempt RuleID : 4667 - Type : NETBIOS - Revision : 3 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt RuleID : 4666 - Type : NETBIOS - Revision : 2 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC unicode DACL overflow attempt RuleID : 4665 - Type : NETBIOS - Revision : 2 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC andx DACL overflow attempt RuleID : 4664 - Type : NETBIOS - Revision : 2 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC DACL overflow attempt RuleID : 4663 - Type : NETBIOS - Revision : 2 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC unicode andx SACL overflow attempt RuleID : 4662 - Type : NETBIOS - Revision : 4 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC unicode SACL overflow attempt RuleID : 4661 - Type : NETBIOS - Revision : 4 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC andx SACL overflow attempt RuleID : 4660 - Type : NETBIOS - Revision : 4 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC SACL overflow attempt RuleID : 4659 - Type : NETBIOS - Revision : 4 |
| 2014-01-10 | SMB-DS NT Trans NT SET SECURITY DESC unicode andx SACL overflow attempt RuleID : 4658 - Type : NETBIOS - Revision : 3 |
| 2014-01-10 | SMB-DS NT Trans NT SET SECURITY DESC unicode SACL overflow attempt RuleID : 4657 - Type : NETBIOS - Revision : 3 |
| 2014-01-10 | SMB-DS NT Trans NT SET SECURITY DESC andx SACL overflow attempt RuleID : 4656 - Type : NETBIOS - Revision : 3 |
| 2014-01-10 | SMB-DS NT Trans NT SET SECURITY DESC SACL overflow attempt RuleID : 4655 - Type : NETBIOS - Revision : 3 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC unicode andx SACL overflow attempt RuleID : 4654 - Type : NETBIOS - Revision : 2 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC unicode SACL overflow attempt RuleID : 4653 - Type : NETBIOS - Revision : 2 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC andx SACL overflow attempt RuleID : 4652 - Type : NETBIOS - Revision : 2 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC SACL overflow attempt RuleID : 4651 - Type : NETBIOS - Revision : 2 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2015-07-16 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_ca139c7f2a8c11e5a4a5002590263bf5.nasl - Type: ACT_GATHER_INFO |
| 2015-01-19 | Name: The remote Solaris system is missing a security patch for third-party software. File: solaris11_perl-58_20131015.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2008-0206.nasl - Type: ACT_GATHER_INFO |
| 2013-06-29 | Name: The remote CentOS host is missing a security update. File: centos_RHSA-2005-332-01.nasl - Type: ACT_GATHER_INFO |
| 2012-09-06 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2005-041.nasl - Type: ACT_GATHER_INFO |
| 2012-09-06 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2005-042.nasl - Type: ACT_GATHER_INFO |
| 2012-09-06 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2005-043.nasl - Type: ACT_GATHER_INFO |
| 2012-09-06 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2005-044.nasl - Type: ACT_GATHER_INFO |
| 2012-09-06 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2005-056.nasl - Type: ACT_GATHER_INFO |
| 2012-08-01 | Name: The remote Scientific Linux host is missing one or more security updates. File: sl_20080401_cups_on_SL3_x.nasl - Type: ACT_GATHER_INFO |
| 2010-01-10 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2008-0261.nasl - Type: ACT_GATHER_INFO |
| 2010-01-10 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2008-0524.nasl - Type: ACT_GATHER_INFO |
| 2009-09-24 | Name: The remote SuSE 9 host is missing a security-related patch. File: suse9_9399.nasl - Type: ACT_GATHER_INFO |
| 2009-09-24 | Name: The remote SuSE 9 host is missing a security-related patch. File: suse9_9797.nasl - Type: ACT_GATHER_INFO |
| 2009-09-24 | Name: The remote SuSE 9 host is missing a security-related patch. File: suse9_9833.nasl - Type: ACT_GATHER_INFO |
| 2009-09-24 | Name: The remote SuSE 9 host is missing a security-related patch. File: suse9_9867.nasl - Type: ACT_GATHER_INFO |
| 2009-05-13 | Name: The remote host is missing a Mac OS X update that fixes various security issues. File: macosx_10_5_7.nasl - Type: ACT_GATHER_INFO |
| 2009-05-13 | Name: The remote host is missing a Mac OS X update that fixes various security issues. File: macosx_SecUpd2009-002.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_00644f03fb5811d89837000c41e2cdad.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_3897a2f81d5711d9bc4a000c41e2cdad.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_622399682f2a11d9a9e70001020eed82.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_6e6a6b8a2fde11d9b3a20050fc56d258.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_8091fceaf35e11d881b0000347a4fa7d.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_a711de5c05fa11d9a9b200061bc2ad93.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_ba005226fb5b11d89837000c41e2cdad.nasl - Type: ACT_GATHER_INFO |
