Summary
| Detail | |||
|---|---|---|---|
| Vendor | Suse | First view | 2004-08-06 |
| Product | Suse Linux | Last view | 2007-02-15 |
| Version | 9.1 | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:suse:suse_linux | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 10 | 2007-02-15 | CVE-2007-0980 | Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obtain unauthorized access via unspecified vectors. |
| 10 | 2007-01-23 | CVE-2007-0460 | Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations." |
| 4.6 | 2005-10-27 | CVE-2005-3321 | chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify permissions of files by creating a hardlink to a file from a world-writable directory, which can cause the link count to drop to 1 when the file is deleted or replaced, which is then modified by chkstat to use weaker permissions. |
| 2.1 | 2005-08-05 | CVE-2005-1767 | traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception). |
| 2.1 | 2005-08-05 | CVE-2005-1761 | Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function. |
| 7.5 | 2005-05-02 | CVE-2005-0337 | Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname. |
| 2.1 | 2005-05-02 | CVE-2005-0207 | Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT. |
| 7.5 | 2005-05-02 | CVE-2005-0005 | Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. |
| 7.5 | 2005-04-27 | CVE-2005-0206 | The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. |
| 6.8 | 2005-04-27 | CVE-2005-0085 | Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message. |
| 5 | 2005-04-14 | CVE-2005-1043 | exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion. |
| 2.1 | 2005-04-14 | CVE-2004-1237 | Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors. |
| 6.2 | 2005-04-14 | CVE-2004-1235 | Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. |
| 7.5 | 2005-04-14 | CVE-2004-1176 | Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. |
| 7.5 | 2005-04-14 | CVE-2004-1175 | fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. |
| 5 | 2005-04-14 | CVE-2004-1174 | direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles." |
| 5 | 2005-04-14 | CVE-2004-1093 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." |
| 5 | 2005-04-14 | CVE-2004-1092 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory. |
| 5 | 2005-04-14 | CVE-2004-1091 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference. |
| 5 | 2005-04-14 | CVE-2004-1090 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header." |
| 5 | 2005-04-14 | CVE-2004-1009 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. |
| 7.5 | 2005-04-14 | CVE-2004-1005 | Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. |
| 7.5 | 2005-04-14 | CVE-2004-1004 | Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. |
| 5 | 2005-03-15 | CVE-2005-0384 | Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via a pppd client. |
| 5 | 2005-03-14 | CVE-2005-0398 | The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 66% (2) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 33% (1) | CWE-20 | Improper Input Validation |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-15 | Command Delimiters |
| CAPEC-47 | Buffer Overflow via Parameter Expansion |
| CAPEC-100 | Overflow Buffers |
| CAPEC-123 | Buffer Attacks |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 44330 | CUPS on Red Hat 64-bit pdftops Crafted PDF File Handling Overflow |
| 33201 | HP Serviceguard for Linux Unspecified Remote Access |
| 32939 | ulogd Multiple Unspecified Overflows |
| 20263 | SUSE Permissions Bypass chkstat Arbitrary File Access |
| 18702 | SuSE Linux Kernel Unspecified Stack Fault Exception Local DoS |
| 17479 | Linux Kernel ptrace / restore_sigcontext ar.rsc Access Issue |
| 16894 | Xpdf Integer Overflow Patch 64 Bit Architecture Failure |
| 15630 | PHP EXIF Header Large IFD Nesting Level DoS |
| 15214 | Linux Kernel NFS Client O_DIRECT DoS |
| 14810 | Linux Kernel Malformed PPP Packet Remote DoS |
| 14776 | IPsec-Tools racoon Daemon ISAKMP Header Parsing Remote DoS |
| 14373 | libXpm XPM Image GetImagePixels() / PutImagePixels() Overflow |
| 14366 | xli Unspecified Image Properties Overflow |
| 14357 | xloadimage Compressed Image Filename Shell Metacharacter Arbitrary Command Ex... |
| 13735 | MIME-tools MIMEDefang Empty Boundary Content-Type Virus Scan Bypass |
| 13520 | ht://Dig (htdig) config Parameter XSS |
| 13470 | Postfix IPv6 Patch if_inet6 Failure Arbitrary Mail Relay |
| 13452 | Perl PERLIO_DEBUG Local Overflow |
| 13154 | GNU Enscript EPSF Pipe Support Arbitrary Command Execution |
| 13149 | Xpdf Multiple Unspecified Remote Overflows |
| 13052 | Red Hat RHEL 3 Audit Subsystem DoS |
| 13028 | ImageMagick PSD Image Decoding Module Overflow |
| 12911 | Midnight Commander Unspecified Underflow DoS |
| 12910 | Midnight Commander Insecure Filename Quoting Arbitrary Command Execution |
| 12909 | Midnight Commander Nonexistent File Descriptor Handling DoS |
ExploitDB Exploits
| id | Description |
|---|---|
| 24696 | Linux Kernel 2.6.x IPTables Logging Rules Integer Underflow Vulnerability |
| 718 | Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit |
OpenVAS Exploits
| id | Description |
|---|---|
| 2010-05-12 | Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002 File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl |
| 2010-02-03 | Name : Solaris Update for CDE 1.6 119280-22 File : nvt/gb_solaris_119280_22.nasl |
| 2010-02-03 | Name : Solaris Update for Runtime library for Solaris 10 119281-22 File : nvt/gb_solaris_119281_22.nasl |
| 2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
| 2009-10-10 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5010817.nasl |
| 2009-10-10 | Name : SLES9: Security update for openmotif File : nvt/sles9p5010938.nasl |
| 2009-10-10 | Name : SLES9: Security update for ethereal File : nvt/sles9p5010966.nasl |
| 2009-10-10 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5011171.nasl |
| 2009-10-10 | Name : SLES9: Security update for enscript File : nvt/sles9p5011436.nasl |
| 2009-10-10 | Name : SLES9: Security update for Midnight Commander File : nvt/sles9p5011441.nasl |
| 2009-10-10 | Name : SLES9: Security update for cyrus-sasl File : nvt/sles9p5011476.nasl |
| 2009-10-10 | Name : SLES9: Security update for kdelibs3 File : nvt/sles9p5011912.nasl |
| 2009-10-10 | Name : SLES9: Security update for Mozilla File : nvt/sles9p5012017.nasl |
| 2009-10-10 | Name : SLES9: Security update for Perl File : nvt/sles9p5013510.nasl |
| 2009-10-10 | Name : SLES9: Security update for apache File : nvt/sles9p5014050.nasl |
| 2009-10-10 | Name : SLES9: Security update for imlib File : nvt/sles9p5014360.nasl |
| 2009-10-10 | Name : SLES9: Security update for Linux kernel core File : nvt/sles9p5014380.nasl |
| 2009-10-10 | Name : SLES9: Security update for CUPS File : nvt/sles9p5014529.nasl |
| 2009-10-10 | Name : SLES9: Security update for OpenMotif File : nvt/sles9p5014940.nasl |
| 2009-10-10 | Name : SLES9: Security update for unarj File : nvt/sles9p5015411.nasl |
| 2009-10-10 | Name : SLES9: Security update for PHP4 File : nvt/sles9p5015816.nasl |
| 2009-10-10 | Name : SLES9: Security update for MySQL File : nvt/sles9p5015996.nasl |
| 2009-10-10 | Name : SLES9: Security update for XFree86-libs File : nvt/sles9p5016773.nasl |
| 2009-10-10 | Name : SLES9: Security update for ethereal File : nvt/sles9p5016846.nasl |
| 2009-10-10 | Name : SLES9: Security update for libtiff File : nvt/sles9p5017742.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2019-08-31 | Postfix IPv6 Relaying Security Issue RuleID : 50859 - Type : SERVER-MAIL - Revision : 1 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt RuleID : 4674 - Type : NETBIOS - Revision : 4 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC unicode DACL overflow attempt RuleID : 4673 - Type : NETBIOS - Revision : 4 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC andx DACL overflow attempt RuleID : 4672 - Type : NETBIOS - Revision : 4 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC DACL overflow attempt RuleID : 4671 - Type : NETBIOS - Revision : 4 |
| 2014-01-10 | SMB-DS NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt RuleID : 4670 - Type : NETBIOS - Revision : 3 |
| 2014-01-10 | SMB-DS NT Trans NT SET SECURITY DESC unicode DACL overflow attempt RuleID : 4669 - Type : NETBIOS - Revision : 3 |
| 2014-01-10 | SMB-DS NT Trans NT SET SECURITY DESC andx DACL overflow attempt RuleID : 4668 - Type : NETBIOS - Revision : 3 |
| 2014-01-10 | SMB-DS NT Trans NT SET SECURITY DESC DACL overflow attempt RuleID : 4667 - Type : NETBIOS - Revision : 3 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt RuleID : 4666 - Type : NETBIOS - Revision : 2 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC unicode DACL overflow attempt RuleID : 4665 - Type : NETBIOS - Revision : 2 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC andx DACL overflow attempt RuleID : 4664 - Type : NETBIOS - Revision : 2 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC DACL overflow attempt RuleID : 4663 - Type : NETBIOS - Revision : 2 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC unicode andx SACL overflow attempt RuleID : 4662 - Type : NETBIOS - Revision : 4 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC unicode SACL overflow attempt RuleID : 4661 - Type : NETBIOS - Revision : 4 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC andx SACL overflow attempt RuleID : 4660 - Type : NETBIOS - Revision : 4 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC SACL overflow attempt RuleID : 4659 - Type : NETBIOS - Revision : 4 |
| 2014-01-10 | SMB-DS NT Trans NT SET SECURITY DESC unicode andx SACL overflow attempt RuleID : 4658 - Type : NETBIOS - Revision : 3 |
| 2014-01-10 | SMB-DS NT Trans NT SET SECURITY DESC unicode SACL overflow attempt RuleID : 4657 - Type : NETBIOS - Revision : 3 |
| 2014-01-10 | SMB-DS NT Trans NT SET SECURITY DESC andx SACL overflow attempt RuleID : 4656 - Type : NETBIOS - Revision : 3 |
| 2014-01-10 | SMB-DS NT Trans NT SET SECURITY DESC SACL overflow attempt RuleID : 4655 - Type : NETBIOS - Revision : 3 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC unicode andx SACL overflow attempt RuleID : 4654 - Type : NETBIOS - Revision : 2 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC unicode SACL overflow attempt RuleID : 4653 - Type : NETBIOS - Revision : 2 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC andx SACL overflow attempt RuleID : 4652 - Type : NETBIOS - Revision : 2 |
| 2014-01-10 | SMB NT Trans NT SET SECURITY DESC SACL overflow attempt RuleID : 4651 - Type : NETBIOS - Revision : 2 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2015-07-16 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_ca139c7f2a8c11e5a4a5002590263bf5.nasl - Type: ACT_GATHER_INFO |
| 2015-01-19 | Name: The remote Solaris system is missing a security patch for third-party software. File: solaris11_perl-58_20131015.nasl - Type: ACT_GATHER_INFO |
| 2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2008-0206.nasl - Type: ACT_GATHER_INFO |
| 2013-06-29 | Name: The remote CentOS host is missing a security update. File: centos_RHSA-2005-332-01.nasl - Type: ACT_GATHER_INFO |
| 2012-09-24 | Name: The remote Fedora Core host is missing a security update. File: fedora_2004-414.nasl - Type: ACT_GATHER_INFO |
| 2012-09-06 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2005-041.nasl - Type: ACT_GATHER_INFO |
| 2012-09-06 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2005-042.nasl - Type: ACT_GATHER_INFO |
| 2012-09-06 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2005-043.nasl - Type: ACT_GATHER_INFO |
| 2012-09-06 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2005-044.nasl - Type: ACT_GATHER_INFO |
| 2012-09-06 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2005-056.nasl - Type: ACT_GATHER_INFO |
| 2012-08-01 | Name: The remote Scientific Linux host is missing one or more security updates. File: sl_20080401_cups_on_SL3_x.nasl - Type: ACT_GATHER_INFO |
| 2010-01-10 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2008-0261.nasl - Type: ACT_GATHER_INFO |
| 2010-01-10 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2008-0524.nasl - Type: ACT_GATHER_INFO |
| 2009-09-24 | Name: The remote SuSE 9 host is missing a security-related patch. File: suse9_9399.nasl - Type: ACT_GATHER_INFO |
| 2009-09-24 | Name: The remote SuSE 9 host is missing a security-related patch. File: suse9_9523.nasl - Type: ACT_GATHER_INFO |
| 2009-09-24 | Name: The remote SuSE 9 host is missing a security-related patch. File: suse9_9797.nasl - Type: ACT_GATHER_INFO |
| 2009-09-24 | Name: The remote SuSE 9 host is missing a security-related patch. File: suse9_9833.nasl - Type: ACT_GATHER_INFO |
| 2009-09-24 | Name: The remote SuSE 9 host is missing a security-related patch. File: suse9_9867.nasl - Type: ACT_GATHER_INFO |
| 2009-05-13 | Name: The remote host is missing a Mac OS X update that fixes various security issues. File: macosx_10_5_7.nasl - Type: ACT_GATHER_INFO |
| 2009-05-13 | Name: The remote host is missing a Mac OS X update that fixes various security issues. File: macosx_SecUpd2009-002.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_00644f03fb5811d89837000c41e2cdad.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_3897a2f81d5711d9bc4a000c41e2cdad.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_622399682f2a11d9a9e70001020eed82.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_6e6a6b8a2fde11d9b3a20050fc56d258.nasl - Type: ACT_GATHER_INFO |
| 2009-04-23 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_8091fceaf35e11d881b0000347a4fa7d.nasl - Type: ACT_GATHER_INFO |
