This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Suse First view 2003-12-31
Product Suse Linux Last view 2007-02-15
Version 9.0 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:suse:suse_linux

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
10 2007-02-15 CVE-2007-0980

Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obtain unauthorized access via unspecified vectors.

10 2007-01-23 CVE-2007-0460

Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations."

6.4 2006-06-01 CVE-2006-2752

The RedCarpet /etc/ximian/rcd.conf configuration file in Novell Linux Desktop 9 and SUSE SLES 9 has world-readable permissions, which allows attackers to obtain the rc (RedCarpet) password.

5 2006-06-01 CVE-2006-2703

The RedCarpet command-line client (rug) does not verify SSL certificates from a server, which allows remote attackers to read network traffic and execute commands via a man-in-the-middle (MITM) attack.

6.4 2005-12-31 CVE-2005-4772

liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013.

5 2005-10-27 CVE-2005-3322

Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote attackers to cause a denial of service (crash) via HTTPs (SSL).

4.6 2005-10-27 CVE-2005-3321

chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify permissions of files by creating a hardlink to a file from a world-writable directory, which can cause the link count to drop to 1 when the file is deleted or replaced, which is then modified by chkstat to use weaker permissions.

7.5 2005-10-23 CVE-2005-3298

Multiple buffer overflows in OpenWBEM on SuSE Linux 9 allow remote attackers to execute arbitrary code via unknown vectors.

2.1 2005-08-05 CVE-2005-1767

traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).

2.1 2005-08-05 CVE-2005-1761

Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.

7.5 2005-05-02 CVE-2005-0337

Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname.

2.1 2005-05-02 CVE-2005-0207

Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.

7.5 2005-05-02 CVE-2005-0005

Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.

7.5 2005-04-27 CVE-2005-0206

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

6.8 2005-04-27 CVE-2005-0085

Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.

5 2005-04-14 CVE-2005-1043

exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.

2.1 2005-04-14 CVE-2004-1237

Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors.

6.2 2005-04-14 CVE-2004-1235

Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.

7.5 2005-04-14 CVE-2004-1176

Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.

7.5 2005-04-14 CVE-2004-1175

fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.

5 2005-04-14 CVE-2004-1174

direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles."

5 2005-04-14 CVE-2004-1093

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory."

5 2005-04-14 CVE-2004-1092

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory.

5 2005-04-14 CVE-2004-1091

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference.

5 2005-04-14 CVE-2004-1090

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header."

CWE : Common Weakness Enumeration

%idName
50% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
25% (1) CWE-264 Permissions, Privileges, and Access Controls
25% (1) CWE-20 Improper Input Validation

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-15 Command Delimiters
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-100 Overflow Buffers
CAPEC-123 Buffer Attacks

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
60300 SuSE resmgr Local Terminal Spoofing Weakness
44330 CUPS on Red Hat 64-bit pdftops Crafted PDF File Handling Overflow
33201 HP Serviceguard for Linux Unspecified Remote Access
32939 ulogd Multiple Unspecified Overflows
28055 XScreenSaver User Password Verification Unspecified DoS
25855 RedCarpet rcd.conf rc Cleartext Password Disclosure
25854 RedCarpet rug SSL Certification Validation Failure
21445 Squid on SUSE Linux Unspecified SSL DoS
20263 SUSE Permissions Bypass chkstat Arbitrary File Access
20062 OpenWBEM Multiple Unspecified Remote Overflows
19979 SuSE Linux YaST liby2util Package Repository Permission Weakness
18702 SuSE Linux Kernel Unspecified Stack Fault Exception Local DoS
17479 Linux Kernel ptrace / restore_sigcontext ar.rsc Access Issue
16894 Xpdf Integer Overflow Patch 64 Bit Architecture Failure
15630 PHP EXIF Header Large IFD Nesting Level DoS
15414 SuSE Linux SCSI Device Firmware Modification
15214 Linux Kernel NFS Client O_DIRECT DoS
14810 Linux Kernel Malformed PPP Packet Remote DoS
14373 libXpm XPM Image GetImagePixels() / PutImagePixels() Overflow
14366 xli Unspecified Image Properties Overflow
14357 xloadimage Compressed Image Filename Shell Metacharacter Arbitrary Command Ex...
13735 MIME-tools MIMEDefang Empty Boundary Content-Type Virus Scan Bypass
13520 ht://Dig (htdig) config Parameter XSS
13470 Postfix IPv6 Patch if_inet6 Failure Arbitrary Mail Relay
13452 Perl PERLIO_DEBUG Local Overflow

ExploitDB Exploits

id Description
718 Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2010-05-12 Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002
File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl
2010-02-03 Name : Solaris Update for CDE 1.6 119280-22
File : nvt/gb_solaris_119280_22.nasl
2010-02-03 Name : Solaris Update for Runtime library for Solaris 10 119281-22
File : nvt/gb_solaris_119281_22.nasl
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-10 Name : SLES9: Security update for Linux kernel
File : nvt/sles9p5010817.nasl
2009-10-10 Name : SLES9: Security update for openmotif
File : nvt/sles9p5010938.nasl
2009-10-10 Name : SLES9: Security update for ethereal
File : nvt/sles9p5010966.nasl
2009-10-10 Name : SLES9: Security update for Linux kernel
File : nvt/sles9p5011171.nasl
2009-10-10 Name : SLES9: Security update for enscript
File : nvt/sles9p5011436.nasl
2009-10-10 Name : SLES9: Security update for Midnight Commander
File : nvt/sles9p5011441.nasl
2009-10-10 Name : SLES9: Security update for cyrus-sasl
File : nvt/sles9p5011476.nasl
2009-10-10 Name : SLES9: Security update for kdelibs3
File : nvt/sles9p5011912.nasl
2009-10-10 Name : SLES9: Security update for Mozilla
File : nvt/sles9p5012017.nasl
2009-10-10 Name : SLES9: Security update for Perl
File : nvt/sles9p5013510.nasl
2009-10-10 Name : SLES9: Security update for apache
File : nvt/sles9p5014050.nasl
2009-10-10 Name : SLES9: Security update for imlib
File : nvt/sles9p5014360.nasl
2009-10-10 Name : SLES9: Security update for Linux kernel core
File : nvt/sles9p5014380.nasl
2009-10-10 Name : SLES9: Security update for CUPS
File : nvt/sles9p5014529.nasl
2009-10-10 Name : SLES9: Security update for OpenMotif
File : nvt/sles9p5014940.nasl
2009-10-10 Name : SLES9: Security update for unarj
File : nvt/sles9p5015411.nasl
2009-10-10 Name : SLES9: Security update for PHP4
File : nvt/sles9p5015816.nasl
2009-10-10 Name : SLES9: Security update for MySQL
File : nvt/sles9p5015996.nasl
2009-10-10 Name : SLES9: Security update for XFree86-libs
File : nvt/sles9p5016773.nasl
2009-10-10 Name : SLES9: Security update for ethereal
File : nvt/sles9p5016846.nasl
2009-10-10 Name : SLES9: Security update for libtiff
File : nvt/sles9p5017742.nasl

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2019-08-31 Postfix IPv6 Relaying Security Issue
RuleID : 50859 - Type : SERVER-MAIL - Revision : 1
2014-01-10 SMB NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt
RuleID : 4674 - Type : NETBIOS - Revision : 4
2014-01-10 SMB NT Trans NT SET SECURITY DESC unicode DACL overflow attempt
RuleID : 4673 - Type : NETBIOS - Revision : 4
2014-01-10 SMB NT Trans NT SET SECURITY DESC andx DACL overflow attempt
RuleID : 4672 - Type : NETBIOS - Revision : 4
2014-01-10 SMB NT Trans NT SET SECURITY DESC DACL overflow attempt
RuleID : 4671 - Type : NETBIOS - Revision : 4
2014-01-10 SMB-DS NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt
RuleID : 4670 - Type : NETBIOS - Revision : 3
2014-01-10 SMB-DS NT Trans NT SET SECURITY DESC unicode DACL overflow attempt
RuleID : 4669 - Type : NETBIOS - Revision : 3
2014-01-10 SMB-DS NT Trans NT SET SECURITY DESC andx DACL overflow attempt
RuleID : 4668 - Type : NETBIOS - Revision : 3
2014-01-10 SMB-DS NT Trans NT SET SECURITY DESC DACL overflow attempt
RuleID : 4667 - Type : NETBIOS - Revision : 3
2014-01-10 SMB NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt
RuleID : 4666 - Type : NETBIOS - Revision : 2
2014-01-10 SMB NT Trans NT SET SECURITY DESC unicode DACL overflow attempt
RuleID : 4665 - Type : NETBIOS - Revision : 2
2014-01-10 SMB NT Trans NT SET SECURITY DESC andx DACL overflow attempt
RuleID : 4664 - Type : NETBIOS - Revision : 2
2014-01-10 SMB NT Trans NT SET SECURITY DESC DACL overflow attempt
RuleID : 4663 - Type : NETBIOS - Revision : 2
2014-01-10 SMB NT Trans NT SET SECURITY DESC unicode andx SACL overflow attempt
RuleID : 4662 - Type : NETBIOS - Revision : 4
2014-01-10 SMB NT Trans NT SET SECURITY DESC unicode SACL overflow attempt
RuleID : 4661 - Type : NETBIOS - Revision : 4
2014-01-10 SMB NT Trans NT SET SECURITY DESC andx SACL overflow attempt
RuleID : 4660 - Type : NETBIOS - Revision : 4
2014-01-10 SMB NT Trans NT SET SECURITY DESC SACL overflow attempt
RuleID : 4659 - Type : NETBIOS - Revision : 4
2014-01-10 SMB-DS NT Trans NT SET SECURITY DESC unicode andx SACL overflow attempt
RuleID : 4658 - Type : NETBIOS - Revision : 3
2014-01-10 SMB-DS NT Trans NT SET SECURITY DESC unicode SACL overflow attempt
RuleID : 4657 - Type : NETBIOS - Revision : 3
2014-01-10 SMB-DS NT Trans NT SET SECURITY DESC andx SACL overflow attempt
RuleID : 4656 - Type : NETBIOS - Revision : 3
2014-01-10 SMB-DS NT Trans NT SET SECURITY DESC SACL overflow attempt
RuleID : 4655 - Type : NETBIOS - Revision : 3
2014-01-10 SMB NT Trans NT SET SECURITY DESC unicode andx SACL overflow attempt
RuleID : 4654 - Type : NETBIOS - Revision : 2
2014-01-10 SMB NT Trans NT SET SECURITY DESC unicode SACL overflow attempt
RuleID : 4653 - Type : NETBIOS - Revision : 2
2014-01-10 SMB NT Trans NT SET SECURITY DESC andx SACL overflow attempt
RuleID : 4652 - Type : NETBIOS - Revision : 2
2014-01-10 SMB NT Trans NT SET SECURITY DESC SACL overflow attempt
RuleID : 4651 - Type : NETBIOS - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2015-07-16 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_ca139c7f2a8c11e5a4a5002590263bf5.nasl - Type: ACT_GATHER_INFO
2015-01-19 Name: The remote Solaris system is missing a security patch for third-party software.
File: solaris11_perl-58_20131015.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2008-0206.nasl - Type: ACT_GATHER_INFO
2013-06-29 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2005-332-01.nasl - Type: ACT_GATHER_INFO
2012-09-24 Name: The remote Fedora Core host is missing a security update.
File: fedora_2004-414.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-041.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2005-042.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2005-043.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-044.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-056.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20080401_cups_on_SL3_x.nasl - Type: ACT_GATHER_INFO
2010-01-10 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2008-0261.nasl - Type: ACT_GATHER_INFO
2010-01-10 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2008-0524.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_9399.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_9523.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_9797.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_9833.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_9867.nasl - Type: ACT_GATHER_INFO
2009-05-13 Name: The remote host is missing a Mac OS X update that fixes various security issues.
File: macosx_10_5_7.nasl - Type: ACT_GATHER_INFO
2009-05-13 Name: The remote host is missing a Mac OS X update that fixes various security issues.
File: macosx_SecUpd2009-002.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_00644f03fb5811d89837000c41e2cdad.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_3897a2f81d5711d9bc4a000c41e2cdad.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_622399682f2a11d9a9e70001020eed82.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_6e6a6b8a2fde11d9b3a20050fc56d258.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_8091fceaf35e11d881b0000347a4fa7d.nasl - Type: ACT_GATHER_INFO