This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Suse First view 2005-03-02
Product Suse Linux Last view 2007-02-15
Version 9.3 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:suse:suse_linux

Activity : Overall

Related : CVE

  Date Alert Description
10 2007-02-15 CVE-2007-0980

Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obtain unauthorized access via unspecified vectors.

10 2007-01-23 CVE-2007-0460

Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations."

5 2006-02-23 CVE-2006-0803

The signature verification functionality in the YaST Online Update (YOU) script handling relies on a gpg feature that is not intended for signature verification, which prevents YOU from detecting malicious scripts or code that do not pass the signature check when gpg 1.4.x is being used.

6.9 2005-12-31 CVE-2005-4790

Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions.

2.1 2005-12-31 CVE-2005-4789

resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, does not properly enforce class-specific exclude rules in some situations, which allows local users to bypass intended access restrictions for USB devices that set their class ID at the interface level.

2.1 2005-12-31 CVE-2005-4788

resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, allows local users to bypass access control rules for USB devices via "alternate syntax for specifying USB devices."

4.6 2005-10-27 CVE-2005-3321

chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify permissions of files by creating a hardlink to a file from a world-writable directory, which can cause the link count to drop to 1 when the file is deleted or replaced, which is then modified by chkstat to use weaker permissions.

2.1 2005-08-05 CVE-2005-1767

traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).

2.1 2005-08-05 CVE-2005-1761

Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.

10 2005-06-17 CVE-2005-2023

The send_pinentry_environment function in asshelp.c in gpg2 on SUSE Linux 9.3 does not properly handle certain options, which can prevent pinentry from being found and causes S/MIME signing to fail.

5 2005-04-14 CVE-2005-1043

exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.

7.2 2005-03-27 CVE-2005-0750

The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.

7.5 2005-03-02 CVE-2005-0639

Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files.

7.5 2005-03-02 CVE-2005-0638

xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.

CWE : Common Weakness Enumeration

%idName
50% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
50% (1) CWE-20 Improper Input Validation

Open Source Vulnerability Database (OSVDB)

id Description
39578 SuSE Linux tomboy LD_LIBRARY_PATH Variable Path Subversion Local Privilege Es...
39577 SuSE Linux blam LD_LIBRARY_PATH Variable Path Subversion Local Privilege Esca...
33201 HP Serviceguard for Linux Unspecified Remote Access
32939 ulogd Multiple Unspecified Overflows
28025 SuSE YaST YaST Online Update (YOU) Signature Verification Bypass
25601 Resource Manager resmgr Class-specific Exclude Rule Bypass
22838 gpg2 on SuSE Linux asshelp.c send_pinentry_environment Function S/MIME Signa...
20263 SUSE Permissions Bypass chkstat Arbitrary File Access
19982 SuSE Linux beagle LD_LIBRARY_PATH Variable Path Subversion Local Privilege Es...
19978 Resource Manager resmgrd USB Device Alternate Syntax Access Bypass
18702 SuSE Linux Kernel Unspecified Stack Fault Exception Local DoS
17479 Linux Kernel ptrace / restore_sigcontext ar.rsc Access Issue
15630 PHP EXIF Header Large IFD Nesting Level DoS
15084 Linux Kernel bluez_sock_create() Local Underflow
14366 xli Unspecified Image Properties Overflow
14357 xloadimage Compressed Image Filename Shell Metacharacter Arbitrary Command Ex...

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2011-02-28 Name : Mandriva Update for tomboy MDVSA-2011:035 (tomboy)
File : nvt/gb_mandriva_MDVSA_2011_035.nasl
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-10 Name : SLES9: Security update for PHP4
File : nvt/sles9p5021688.nasl
2009-10-10 Name : SLES9: Security update for PHP4
File : nvt/sles9p5021505.nasl
2009-10-10 Name : SLES9: Security update for liby2util
File : nvt/sles9p5016129.nasl
2009-10-10 Name : SLES9: Security update for PHP4
File : nvt/sles9p5015816.nasl
2009-04-09 Name : Mandriva Update for tomboy MDVSA-2008:064 (tomboy)
File : nvt/gb_mandriva_MDVSA_2008_064.nasl
2009-03-23 Name : Ubuntu Update for tomboy vulnerability USN-560-1
File : nvt/gb_ubuntu_USN_560_1.nasl
2009-02-27 Name : Fedora Update for tomboy FEDORA-2007-3253
File : nvt/gb_fedora_2007_3253_tomboy_fc8.nasl
2009-02-27 Name : Fedora Update for blam FEDORA-2007-3962
File : nvt/gb_fedora_2007_3962_blam_fc8.nasl
2009-02-27 Name : Fedora Update for blam FEDORA-2007-3952
File : nvt/gb_fedora_2007_3952_blam_fc7.nasl
2009-02-27 Name : Fedora Update for blam FEDORA-2007-3798
File : nvt/gb_fedora_2007_3798_blam_fc8.nasl
2009-02-27 Name : Fedora Update for blam FEDORA-2007-3792
File : nvt/gb_fedora_2007_3792_blam_fc7.nasl
2009-02-27 Name : Fedora Update for tomboy FEDORA-2007-3011
File : nvt/gb_fedora_2007_3011_tomboy_fc7.nasl
2009-02-17 Name : Fedora Update for blam FEDORA-2008-9667
File : nvt/gb_fedora_2008_9667_blam_fc8.nasl
2009-02-17 Name : Fedora Update for blam FEDORA-2008-8399
File : nvt/gb_fedora_2008_8399_blam_fc8.nasl
2009-02-17 Name : Fedora Update for blam FEDORA-2008-6127
File : nvt/gb_fedora_2008_6127_blam_fc8.nasl
2009-02-17 Name : Fedora Update for blam FEDORA-2008-6491
File : nvt/gb_fedora_2008_6491_blam_fc8.nasl
2009-02-16 Name : Fedora Update for blam FEDORA-2008-2682
File : nvt/gb_fedora_2008_2682_blam_fc8.nasl
2009-02-16 Name : Fedora Update for blam FEDORA-2008-1535
File : nvt/gb_fedora_2008_1535_blam_fc8.nasl
2009-02-13 Name : Fedora Update for blam FEDORA-2008-11551
File : nvt/gb_fedora_2008_11551_blam_fc8.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200504-15 (PHP)
File : nvt/glsa_200504_15.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200703-17 (ulogd)
File : nvt/glsa_200703_17.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200711-12 (tomboy)
File : nvt/glsa_200711_12.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200801-14 (blam)
File : nvt/glsa_200801_14.nasl

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2014-01-27 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201401-28.nasl - Type: ACT_GATHER_INFO
2013-06-29 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2005-332-01.nasl - Type: ACT_GATHER_INFO
2011-02-23 Name: The remote Mandriva Linux host is missing a security update.
File: mandriva_MDVSA-2011-035.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_10892.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote Mandriva Linux host is missing a security update.
File: mandriva_MDVSA-2008-064.nasl - Type: ACT_GATHER_INFO
2008-01-29 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200801-14.nasl - Type: ACT_GATHER_INFO
2008-01-08 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-560-1.nasl - Type: ACT_GATHER_INFO
2007-11-29 Name: The remote Fedora host is missing a security update.
File: fedora_2007-3798.nasl - Type: ACT_GATHER_INFO
2007-11-29 Name: The remote Fedora host is missing a security update.
File: fedora_2007-3792.nasl - Type: ACT_GATHER_INFO
2007-11-20 Name: The remote openSUSE host is missing a security update.
File: suse_tomboy-4698.nasl - Type: ACT_GATHER_INFO
2007-11-14 Name: The remote Fedora host is missing a security update.
File: fedora_2007-3253.nasl - Type: ACT_GATHER_INFO
2007-11-12 Name: The remote Fedora host is missing a security update.
File: fedora_2007-3011.nasl - Type: ACT_GATHER_INFO
2007-11-09 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200711-12.nasl - Type: ACT_GATHER_INFO
2007-03-19 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200703-17.nasl - Type: ACT_GATHER_INFO
2007-01-08 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-406.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1018.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-921.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-922.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-293.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2005-332.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-366.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-514.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-663.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-405.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-187-1.nasl - Type: ACT_GATHER_INFO