Suse Linux vulnerabilities

193 known vulnerabilities affecting suse/suse_linux.

Total CVEs: 193
CISA KEV: 0
Public exploits: 51
Exploited in wild: 0
Severity breakdown: CRITICAL 28, HIGH 74, MEDIUM 66, LOW 25

Vulnerabilities

Page 7 of 10
CVE-2004-0535 | LOW | CVSS 2.1 | v7, v8, +5 more | 2004-08-06
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.
nvd
CVE-2004-0587 | LOW | CVSS 2.1 | v8, v8.1, +1 more | 2004-08-06
Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.
nvd
CVE-2004-0554 | LOW | CVSS 2.1 | PoC | v7, v8, +5 more | 2004-08-06
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
nvd
CVE-2004-2004 | CRITICAL | CVSS 10.0 | v9.1 | 2004-05-06
The Live CD in SUSE LINUX 9.1 Personal edition is configured without a password for root, which allows remote attackers to gain privileges via SSH.
nvd
CVE-2004-0064 | LOW | CVSS 2.1 | PoC | v9.0 | 2004-02-17
The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrary files via a symlink attack on files within the tmp.SuSEconfig.gnome-filesystem.$RANDOM temporary directory.
nvd
CVE-2003-1538 | MEDIUM | CVSS 6.4 | CWE-20 | v8, v8.1 | 2003-12-31
susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries.
nvd
CVE-2003-1295 | LOW | CVSS 2.1 | v9.0 | 2003-12-31
Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password."
nvd
CVE-2003-0847 | MEDIUM | CVSS 4.6 | PoC | v8.2 | 2003-11-17
SuSEconfig.susewm in the susewm package on SuSE Linux 8.2Pro allows local users to overwrite arbitrary files via a symlink attack on the susewm.$$ temporary file.
nvd
CVE-2003-0846 | MEDIUM | CVSS 4.6 | v7.3 | 2003-11-17
SuSEconfig.javarunt in the javarunt package on SuSE Linux 7.3Pro allows local users to overwrite arbitrary files via a symlink attack on the .java_wrapper temporary file.
nvd
CVE-2002-2185 | MEDIUM | CVSS 4.9 | v6.4, v7.0, +4 more | 2002-12-31
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.
nvd
CVE-2002-1285 | HIGH | CVSS 7.2 | v7.0, v7.1, +4 more | 2002-11-29
runlpr in the LPRng package allows the local lp user to gain root privileges via certain command line arguments.
nvd
CVE-2002-0854 | HIGH | CVSS 7.2 | v7.3, v8.0 | 2002-09-05
Buffer overflows in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the i4l package on SuSE 7.3, 8.0, and possibly other operating systems, may allow local users to gain privileges.
nvd
CVE-2002-0762 | HIGH | CVSS 7.2 | v8.0 | 2002-08-12
shadow package in SuSE 8.0 allows local users to destroy the /etc/passwd and /etc/shadow files or assign extra group privileges to some users by changing filesize limits before calling programs that modify the files.
nvd
CVE-2002-0758 | HIGH | CVSS 7.5 | v8.0 | 2002-08-12
ifup-dhcp script in the sysconfig package for SuSE 8.0 allows remote attackers to execute arbitrary commands via spoofed DHCP responses, which are stored and executed in a file.
nvd
CVE-2002-0768 | HIGH | CVSS 7.5 | v6.4, v7.0, +4 more | 2002-08-12
Buffer overflow in lukemftp FTP client in SuSE 6.4 through 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command.
nvd
CVE-2002-0083 | CRITICAL | CVSS 9.8 | PoC | CWE-193 | v6.4, v7.0, +3 more | 2002-03-15
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
nvd
CVE-2002-0062 | HIGH | CVSS 7.2 | CWE-120 | v6.2, v6.3, +1 more | 2002-03-08
Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."
nvd
CVE-2002-0004 | HIGH | CVSS 7.2 | PoC | v6.4, v7.0, +3 more | 2002-02-27
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
nvd
CVE-2001-0869 | HIGH | CVSS 7.5 | v7.0, v7.1, +2 more | 2001-12-21
Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands.
nvd
CVE-2001-0872 | HIGH | CVSS 7.2 | v6.4, v7.0, +3 more | 2001-12-21
OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.
nvd