This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Suse First view 2005-09-21
Product Suse Linux Last view 2007-02-15
Version 9.3 Type Os
Update *  
Edition x86_64  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:suse:suse_linux

Activity : Overall

Related : CVE

  Date Alert Description
10 2007-02-15 CVE-2007-0980

Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obtain unauthorized access via unspecified vectors.

10 2007-01-23 CVE-2007-0460

Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations."

10 2006-10-30 CVE-2006-5616

Multiple unspecified vulnerabilities in OpenPBS, as used in SUSE Linux 9.2 through 10.1, allow attackers to execute arbitrary code via unspecified vectors.

5 2006-09-12 CVE-2006-2658

Directory traversal vulnerability in the xsp component in mod_mono in Mono/C# web server, as used in SUSE Open-Enterprise-Server 1 and SUSE Linux 9.2 through 10.0, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an HTTP request.

4.4 2006-02-11 CVE-2006-0646

ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain circumstances when linking binaries, can leave an empty RPATH or RUNPATH, which allows local attackers to execute arbitrary code as other users via by running an ld-linked application from the current directory, which could contain an attacker-controlled library file.

4.6 2006-01-30 CVE-2006-0043

Buffer overflow in the realpath function in nfs-server rpc.mountd, as used in SUSE Linux 9.1 through 10.0, allows local users to execute arbitrary code via unspecified vectors involving mount requests and symlinks.

6.4 2005-12-31 CVE-2005-4772

liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013.

5 2005-12-31 CVE-2005-3626

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

10 2005-12-31 CVE-2005-3625

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

5 2005-12-31 CVE-2005-3624

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

4.6 2005-10-27 CVE-2005-3321

chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify permissions of files by creating a hardlink to a file from a world-writable directory, which can cause the link count to drop to 1 when the file is deleted or replaced, which is then modified by chkstat to use weaker permissions.

4.6 2005-09-21 CVE-2005-3013

Buffer overflow in liby2util in Yet another Setup Tool (YaST) for SuSE Linux 9.3 allows local users to execute arbitrary code via a long Loc entry.

CWE : Common Weakness Enumeration

%idName
50% (2) CWE-399 Resource Management Errors
25% (1) CWE-189 Numeric Errors
25% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Open Source Vulnerability Database (OSVDB)

id Description
33201 HP Serviceguard for Linux Unspecified Remote Access
32939 ulogd Multiple Unspecified Overflows
30078 OpenPBS Multiple Unspecified Issues
28743 Mono/C# Web Server mod_mono xsp Component Traversal Arbitrary File Access
23111 SUSE Linux ld RPATH Variable Subversion Privilege Escalation
22756 Linux nfs-server rpc.mountd realpath() Function Overflow
22235 Multiple Products Xpdf/kpdf Crafted FlateDecode Stream NULL Dereference DoS
22234 Multiple Products Xpdf/kpdf Crafted CCITTFaxDecode / DCTDecode Stream DoS
22233 Multiple Products Xpdf/kpdf Stream.cc CCITTFaxStream::CCITTFaxStream Function...
20263 SUSE Permissions Bypass chkstat Arbitrary File Access
20008 SuSE YaST liby2util Loc Entry Local Overflow
19979 SuSE Linux YaST liby2util Package Repository Permission Weakness

OpenVAS Exploits

id Description
2008-09-24 Name : Gentoo Security Advisory GLSA 200601-02 (kdegraphics, kpdf, koffice, kword)
File : nvt/glsa_200601_02.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200601-17 (xpdf poppler gpdf libextractor pdfto...
File : nvt/glsa_200601_17.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200703-17 (ulogd)
File : nvt/glsa_200703_17.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200704-04 (openpbs)
File : nvt/glsa_200704_04.nasl
2008-01-17 Name : Debian Security Advisory DSA 931-1 (xpdf)
File : nvt/deb_931_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 932-1 (xpdf)
File : nvt/deb_932_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 936-1 (libextractor)
File : nvt/deb_936_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 937-1 (tetex-bin)
File : nvt/deb_937_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 938-1 (koffice)
File : nvt/deb_938_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 940-1 (gpdf)
File : nvt/deb_940_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 950-1 (cupsys)
File : nvt/deb_950_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 961-1 (pdfkit.framework)
File : nvt/deb_961_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 962-1 (pdftohtml)
File : nvt/deb_962_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 975-1 (nfs-user-server)
File : nvt/deb_975_1.nasl
0000-00-00 Name : Slackware Advisory SSA:2006-045-04 kdegraphics
File : nvt/esoft_slk_ssa_2006_045_04.nasl
0000-00-00 Name : Slackware Advisory SSA:2006-045-09 xpdf
File : nvt/esoft_slk_ssa_2006_045_09.nasl

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-09-24 Name: The remote Fedora Core host is missing a security update.
File: fedora_2006-010.nasl - Type: ACT_GATHER_INFO
2012-09-24 Name: The remote Fedora Core host is missing a security update.
File: fedora_2006-011.nasl - Type: ACT_GATHER_INFO
2007-04-10 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1278.nasl - Type: ACT_GATHER_INFO
2007-04-05 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200704-04.nasl - Type: ACT_GATHER_INFO
2007-03-19 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200703-17.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-931.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-932.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-936.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-937.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-938.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-940.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-950.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-961.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-962.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-975.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2006-0177.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-868.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2006-0163.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2005-840.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2006-0160.nasl - Type: ACT_GATHER_INFO
2006-02-15 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2006-045-09.nasl - Type: ACT_GATHER_INFO
2006-02-15 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2006-045-04.nasl - Type: ACT_GATHER_INFO
2006-02-01 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200601-17.nasl - Type: ACT_GATHER_INFO
2006-01-29 Name: The remote host is missing a vendor-supplied security patch
File: suse_SA_2006_005.nasl - Type: ACT_GATHER_INFO
2006-01-21 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-236-2.nasl - Type: ACT_GATHER_INFO