Suse Linux vulnerabilities

CVE-2010-0230 [HIGH] CWE-264 CVE-2010-0230: SUSE Linux Enterprise 10 SP3 (SLE10-SP3) and openSUSE 11.2 configures postfix to listen on all netwo SUSE Linux Enterprise 10 SP3 (SLE10-SP3) and openSUSE 11.2 configures postfix to listen on all network interfaces, which might allow remote attackers to bypass intended access restrictions.

CVE-2009-1648 [HIGH] CWE-16 CVE-2009-1648: The YaST2 LDAP module in yast2-ldap-server on SUSE Linux Enterprise Server 11 (aka SLE11) does not e The YaST2 LDAP module in yast2-ldap-server on SUSE Linux Enterprise Server 11 (aka SLE11) does not enable the firewall in certain circumstances involving reboots during online updates, which makes it easier for remote attackers to access network services.

CVE-2007-5471 [HIGH] CVE-2007-5471: libgssapi before 0.6-13.7, as used by the ISC BIND named daemon in SUSE Linux Enterprise Server 10 S libgssapi before 0.6-13.7, as used by the ISC BIND named daemon in SUSE Linux Enterprise Server 10 SP 1, terminates upon an initialization error, which allows remote attackers to cause a denial of service (daemon exit) via a GSS-TSIG request. NOTE: this issue probably affects other daemons that attempt to initialize this library within a chroot configuration or

CVE-2007-5196 [HIGH] CVE-2007-5196: Unspecified vulnerability in the SSL implementation in Groupwise client system in the novell-groupwi Unspecified vulnerability in the SSL implementation in Groupwise client system in the novell-groupwise-client package in SUSE Linux Enterprise Desktop 10 allows remote attackers to obtain credentials via a man-in-the-middle attack, a different vulnerability than CVE-2007-5195.

CVE-2007-5195 [MEDIUM] CWE-200 CVE-2007-5195: Unspecified vulnerability in the SSL implementation in Groupwise client system in the novell-groupwi Unspecified vulnerability in the SSL implementation in Groupwise client system in the novell-groupwise-client package in SUSE Linux Enterprise Desktop 10 allows remote attackers to obtain credentials via a man-in-the-middle attack, a different vulnerability than CVE-2007-5196.

CVE-2007-4432 [MEDIUM] CVE-2007-4432: Untrusted search path vulnerability in the wrapper scripts for the (1) rug, (2) zen-updater, (3) zen Untrusted search path vulnerability in the wrapper scripts for the (1) rug, (2) zen-updater, (3) zen-installer, and (4) zen-remover programs on SUSE Linux 10.1 and Enterprise 10 allows local users to gain privileges via modified (a) LD_LIBRARY_PATH and (b) MONO_GAC_PREFIX environment variables.

CVE-2007-4394 [LOW] CVE-2007-4394: Unspecified vulnerability in a "core clean" cron job created by the findutils-locate package on SUSE Unspecified vulnerability in a "core clean" cron job created by the findutils-locate package on SUSE Linux 10.0 and 10.1 and Enterprise Server 9 and 10 before 20070810 allows local users to delete of arbitrary files via unknown vectors.

CVE-2007-2654 [MEDIUM] CWE-362 CVE-2007-2654: xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.

CVE-2007-0460 [CRITICAL] CWE-119 CVE-2007-0460: Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations."

CVE-2006-6662 [MEDIUM] CWE-264 CVE-2006-6662: Unspecified vulnerability in Linux User Management (novell-lum) on SUSE Linux Enterprise Desktop 10 Unspecified vulnerability in Linux User Management (novell-lum) on SUSE Linux Enterprise Desktop 10 and Open Enterprise Server 9, under unspecified conditions, allows local users to log in to the console without a password.

CVE-2006-5616 [CRITICAL] CVE-2006-5616: Multiple unspecified vulnerabilities in OpenPBS, as used in SUSE Linux 9.2 through 10.1, allow attac Multiple unspecified vulnerabilities in OpenPBS, as used in SUSE Linux 9.2 through 10.1, allow attackers to execute arbitrary code via unspecified vectors.

CVE-2006-2658 [MEDIUM] CVE-2006-2658: Directory traversal vulnerability in the xsp component in mod_mono in Mono/C# web server, as used in Directory traversal vulnerability in the xsp component in mod_mono in Mono/C# web server, as used in SUSE Open-Enterprise-Server 1 and SUSE Linux 9.2 through 10.0, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an HTTP request.

CVE-2006-2703 [MEDIUM] CVE-2006-2703: The RedCarpet command-line client (rug) does not verify SSL certificates from a server, which allows The RedCarpet command-line client (rug) does not verify SSL certificates from a server, which allows remote attackers to read network traffic and execute commands via a man-in-the-middle (MITM) attack.

CVE-2006-2752 [MEDIUM] CVE-2006-2752: The RedCarpet /etc/ximian/rcd.conf configuration file in Novell Linux Desktop 9 and SUSE SLES 9 has The RedCarpet /etc/ximian/rcd.conf configuration file in Novell Linux Desktop 9 and SUSE SLES 9 has world-readable permissions, which allows attackers to obtain the rc (RedCarpet) password.

CVE-2006-0745 [HIGH] CVE-2006-0745: X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile.

CVE-2006-0803 [MEDIUM] CVE-2006-0803: The signature verification functionality in the YaST Online Update (YOU) script handling relies on a The signature verification functionality in the YaST Online Update (YOU) script handling relies on a gpg feature that is not intended for signature verification, which prevents YOU from detecting malicious scripts or code that do not pass the signature check when gpg 1.4.x is being used.

CVE-2006-0646 [MEDIUM] CVE-2006-0646: ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain circumstances when linking binaries, can l ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain circumstances when linking binaries, can leave an empty RPATH or RUNPATH, which allows local attackers to execute arbitrary code as other users via by running an ld-linked application from the current directory, which could contain an attacker-controlled library file.

CVE-2006-0043 [MEDIUM] CVE-2006-0043: Buffer overflow in the realpath function in nfs-server rpc.mountd, as used in SUSE Linux 9.1 through Buffer overflow in the realpath function in nfs-server rpc.mountd, as used in SUSE Linux 9.1 through 10.0, allows local users to execute arbitrary code via unspecified vectors involving mount requests and symlinks.

CVE-2005-3625 [CRITICAL] CWE-399 CVE-2005-3625: Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and oth Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

CVE-2005-4772 [MEDIUM] CVE-2005-4772: liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 20051007 preserves permissions and o liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013.