CVE-2024-12084
- EPSS 3.76%
- Published 15.01.2025 15:15:10
- Last modified 08.07.2025 04:15:35
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write...
CVE-2024-12088
- EPSS 0.72%
- Published 14.01.2025 18:15:25
- Last modified 12.08.2025 21:15:28
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, w...
CVE-2015-2567
- EPSS 0.73%
- Published 16.04.2015 17:00:01
- Last modified 12.04.2025 10:46:40
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.
CVE-2015-2566
- EPSS 0.82%
- Published 16.04.2015 17:00:00
- Last modified 12.04.2025 10:46:40
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML.
CVE-2013-4854
- EPSS 65.17%
- Published 29.07.2013 13:59:37
- Last modified 11.04.2025 00:51:21
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertio...
CVE-2011-0988
- EPSS 0.04%
- Published 18.04.2011 17:55:01
- Last modified 11.04.2025 00:51:21
pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 SP3 and SP4, when running OES Netware extensions, creates a world-writeable directory, which allows local users to overwrite arbitrary files and gain ...
- EPSS 0.25%
- Published 13.01.2011 01:00:01
- Last modified 11.04.2025 00:51:21
The supportconfig script in supportutils in SUSE Linux Enterprise 11 SP1 and 10 SP3 does not "disguise passwords" in configuration files, which has unknown impact and attack vectors.
CVE-2010-3110
- EPSS 0.04%
- Published 12.10.2010 20:00:03
- Last modified 11.04.2025 00:51:21
Multiple buffer overflows in the Novell Client novfs module for the Linux kernel in SUSE Linux Enterprise 11 SP1 and openSUSE 11.3 allow local users to gain privileges via unspecified vectors.
- EPSS 0.2%
- Published 03.09.2010 20:00:01
- Last modified 11.04.2025 00:51:21
WebYaST in yast2-webclient in SUSE Linux Enterprise (SLE) 11 on the WebYaST appliance uses a fixed secret key that is embedded in the appliance's image, which allows remote attackers to spoof session cookies by leveraging knowledge of this key.
CVE-2009-1297
- EPSS 0.02%
- Published 23.10.2009 18:30:00
- Last modified 09.04.2025 00:30:58
iscsi_discovery in open-iscsi in SUSE openSUSE 10.3 through 11.1 and SUSE Linux Enterprise (SLE) 10 SP2 and 11, and other operating systems, allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file that ha...