exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 61 RSS Feed

Files

suse.slapper.txt
Posted Sep 21, 2002
Site suse.com

SuSE Security Advisory SuSE-SA:2002:033 - SuSE Linux warns its users about several packages that were statically linked against vulnerable OpenSSL libraries. The affected packages are mod_ssl, sendmail-tls, openssh and freeswan.

systems | linux, suse
SHA-256 | 6b94b19199a9b179d3322e3c41060547982cff8e5dde5d7eace93f5e6e6e2eeb
suse.apache.chunked.txt
Posted Jun 25, 2002
Site suse.com

SuSE security advisory SuSE-SA:2002:022 - A vulnerability found in the chucked encoding implementation in Apache versions 1.3.24, 2.0.36 or prior can be used to remotely execute code on systems running this software. This vulnerability affects SuSE linux version 6.4, 7.0, 7.1, 7.2, 7.3 and 8.0.

systems | linux, suse
SHA-256 | ce8ba2d791adb635b35fc3b8d33f6e9301d4f13b38160ba2947052e99fe0e54d
suse.dhcpd.txt
Posted May 24, 2002
Authored by SuSE Security, FJ Serna | Site suse.com

SuSE Linux Security Announcement SuSE-SA:2002:019 - ISC DHCPD v3.0 to 3.0.1rc8 is vulnerable to a remote root format string bug attack when reporting the result of a dns-update request. This affects SuSE distributions based upon 7.2, 7.3 and 8.0.

tags | remote, root
systems | linux, suse
SHA-256 | f689ab8829be49e2e200eda31af2d7bc7329c4feb1a4cc87cf59afb317e1112c
suse.lukemftp.txt
Posted May 19, 2002
Authored by SuSE Security | Site suse.com

SuSE Linux security advisory SuSE-SA:2002:018 - A buffer overflow that allows remote code execution has been found in the code used by Lukemftp to process information returned from the PASV FTP command. Lukemftp is the standard ftp client in /usr/bin/ftp.

tags | remote, overflow, code execution
systems | linux, suse
SHA-256 | 7c7016461f31b2c17ff9ef92c9ea6a3b7f1866c0f809f7be06301dba36e585b5
suse.sysconfig.txt
Posted May 10, 2002
Site suse.com

SuSE Security Announcement: sysconfig (SuSE-SA:2002:016) - On SuSE 8.0 information gained from DHCP packets is used in commands line execution by the ifup-dhcp script. This vulnerability has been fixed in the sysconfig-0.23.14-60.i386.rpm package.

systems | linux, suse
SHA-256 | c82cc50639bd3babda48b1d2a00ee6187697cb5e6a2f5fdd0ee5849e68c17de6
suse.imlib.txt
Posted May 8, 2002
Site suse.de

SuSE Security Announcement: imlib (SuSE-SA:2002:015) - Imlib used to depend on a netpbm library which is well known to have security problems. This and a heap corruption bug have been corrected.

systems | linux, suse
SHA-256 | 2b8c62dbe9dfb2ff8c5fe9b81bf9c14050d90ff08553f73c01d4d5e6d20e6e29
suse.cron.txt
Posted May 17, 2001
Site suse.de

SuSE Security Advisory SuSE-SA:2001:17 - The crontab program is running setuser-id root and invokes the editor specified in the EDITOR environment variable, usually vi. If crontab discovers that the format of the edited file is incorrect, it executes the editor again but fails to drop its root privileges before. Therefore it is possible to execute arbitrary commands as root.

tags | arbitrary, root
systems | linux, suse
SHA-256 | 182161b3dc70f9a7f132c01181274899f16022e0ba9631a637b6a2153c99ffd9
suse.hylafax.txt
Posted Apr 24, 2001
Site suse.de

SuSE Security Advisory SuSE-SA:2001:15 - Hfaxd v4.1 contains format string local root vulnerabilities.

tags | local, root, vulnerability
systems | linux, suse
SHA-256 | 3cf8862d583d947dadda3785192ae779b2089fde342767b61a93665c00da2287
suse.nedit.txt
Posted Apr 24, 2001
Site suse.de

SuSE Security Advisory SuSE-SA:2001:14 - When printing a whole text or selected parts of a text, nedit(1) creates a temporary file in an insecure manner. This behavior could be exploited to gain access to other users privileges, even root.

tags | root
systems | linux, suse
SHA-256 | c321f2d2c6822aa4ca64718a94a057c55f327826eacf875bc043b241a27cdcbd
suse.sudo.txt
Posted Apr 24, 2001
Site suse.de

SuSE Security Advisory SuSE-SA:2001:13 - sudo(8) previous to version 1.6.3p6 is vulnerable by a buffer overflow in it's logging code, which could lead to local root compromise.

tags | overflow, local, root
systems | linux, suse
SHA-256 | c883baed233c59823a1115733acb1dfedd991234d9bbb44b25141a1a7ae609ab
suse.vim.txt
Posted Apr 13, 2001
Site suse.de

SuSE Security Advisory SuSE-SA:2001:12 - Vim and gvim have two vulnerabilities - A /tmp race condition and vim commands in regular files will be executed if the status line of vim is enabled in vimrc. Both vulnerabilities could be used to gain unauthorized access to more privileges. Patches available.

tags | vulnerability
systems | linux, suse
SHA-256 | 8070dd0cc8be8aa8f30511aa9b4fe1c976358e0623d82c15c16cdb092b7c1942
suse.mc.txt
Posted Apr 13, 2001
Site suse.de

SuSE Security Advisory SuSE-SA:2001:11 - The Midnight Commander, mc(1), is a ncurses-based file manager. A local attacker could trick mc(1) into executing commands with the privileges of the user running mc(1) by creating malicious directory names. This attack leads to local privilege escalation. Update mc to the newest version!

tags | local
systems | linux, suse
SHA-256 | f0e762dca5b7e73c15bc2a0e7afd087bd7bc4462da02c245bf373d607d1987bb
suse.xntp.txt
Posted Apr 10, 2001
Site suse.de

SuSE Security Advisory SuSE-SA:2001:10 - xntp is the network time protocol package widely used with many unix and linux systems for system time synchronization over a network. An exploit published by Przemyslaw Frasunek demonstrates a buffer overflow in the control request parsing code. The exploit allows a remote attacker to execute arbitrary commands as root. All versions as shipped with SuSE Linux are affected by the buffer overflow problem.

tags | remote, overflow, arbitrary, root, protocol
systems | linux, unix, suse
SHA-256 | 0940235fd01fc11193510402bc05eade811b55a7c35de34923ef206b95e019f8
suse.cups.txt
Posted Mar 9, 2001
Site suse.de

SuSE Security Advisory SuSE-SA:2001:05 - CUPS contains remote root vulnerabilities which can be exploited over TCP port 631.

tags | remote, root, tcp, vulnerability
systems | linux, suse
SHA-256 | 2e3446dd394159e9e80e397eba2fcbf4d02b508fc5aa617c926e097c96b437e5
suse.ssh1.txt
Posted Feb 16, 2001
Site suse.de

SuSE Security Advisory SuSE-SA:2001:04 - SSH1 allows remote users to brute-force passwords without getting noticed or logged, SSH session key recovery, and remote root compromise. Switch to openssh.

tags | remote, root
systems | linux, suse
SHA-256 | 61675fb7a2bba6039f31869677773990330a6bcd84a7b6edd2504dd0848668b3
suse.bind8.txt
Posted Feb 2, 2001
Site suse.de

SuSE Security Announcement - bind-8.x in all versions of the SuSE distributions contain a bug in the transaction signature handling code that can allow to remotely overflow a buffer and thereby execute arbitrary code as the user running the nameserver (this is user named by default on SuSE systems). In addition to this bug, another problem allows for a remote attacker to collect information about the running bind process.

tags | remote, overflow, arbitrary
systems | linux, suse
SHA-256 | 936e9eac95883f538ebdb55426ee35ddc9ab5a894a3dc1e711de8a4395b6c9e2
suse.kdesu.txt
Posted Feb 1, 2001
Site suse.de

SuSE Security Announcement SuSE-SA:2001:02 - Kdesu can give users the root password if the 'keep password' option is enabled.

tags | root
systems | linux, suse
SHA-256 | 56856c8ac9a58ae68d4160c526bcdd21a888930d51ba0e9c639b25ca63460e51
suse.glibc.txt
Posted Jan 26, 2001
Site suse.de

SuSE Security Announcement SuSE-SA:2001:01 - The runtime-linker as used in the SuSE distributions ignores the content of the critical environment variables, allowing local users to link against user-specified libraries and obtain the privilege level of a setuid binary. To eliminate these problems, we provide update packages that completely disregard the LD_* variables upon runtime-linking of a binary that has an effective uid different from the caller's userid.

tags | local
systems | linux, suse
SHA-256 | c959686d9a258fb810d00f98affd0b148445bc3d843faa9b12731301bca404d7
suse.openssh.txt
Posted Dec 23, 2000
Site suse.de

SuSE Security Announcement - openssh is an implementation of the secure shell protocol, available under the BSD license, primarily maintained by the OpenBSD Project. Many vulnerabilities have been found in the openssh package: An openssh client (the ssh program) can accept X11- or ssh-agent forwarding requests even though these forwarding capabilities have not been requested by the client side after successful authentication. Using these weaknesses, an attacker could gain access to the authentication agent which may hold multiple user-owned authentication identities, or to the X-server on the client side as if requested by the user.

tags | shell, vulnerability, protocol
systems | linux, suse, bsd, openbsd
SHA-256 | 6bc86fe768520b6d4748e5ce57dc320bc8e2cc6fab198eb115172bff82ff249d
suse.netscape.txt
Posted Dec 3, 2000

SuSE Security Advisory - SuSE Security Advisory - Two security problems exist in the netscape packages shipped with SuSE Linux distributions. The first one involves improper verification in Netscape's jpeg processing code that can lead to a buffer overflow where data from the network can overwrite memory. The second involves an error in the java implentation in Netscape where it is possible for an attacker to view files and directories with the priviledge of the user running Netscape if the user visits a maliciously crafted web site. Upgrade to 4.76!!! SuSE security site here

tags | java, web, overflow
systems | linux, suse
SHA-256 | 61dde4dec669baaf20d6eb539ece6a6596516754149c44442fa7f01e5e572dae
suse.tcpdump.txt
Posted Nov 21, 2000
Site suse.de

SuSE Security Announcement - Tcpdump contains remotely exploitable buffer overflows. Fully patched upgrade not yet available.

tags | overflow
systems | linux, suse
SHA-256 | 09a3f03d097b83f926bedcf398dc7653453db5432aad0fb2e48a6c0a230c13c6
suse.miscellaneous.txt
Posted Nov 16, 2000
Site suse.de

SuSE Security Advisory - Several recent issues are covered in this advisory, including a gpg, bind8, pine, gs, global, tcpdump, tcsh, and the module package.

systems | linux, suse
SHA-256 | 82bf75c1a50e52d7b78b11de64063c4c43581207d3fefd769ecbd34f0c751039
suse.modprobe.txt
Posted Nov 13, 2000
Site suse.de

SuSE Security Announcement - Newer versions of /sbin/modprobe can be tricked into executing commands as root if setuid programs which can trigger the loading of modules are installed.

tags | root
systems | linux, suse
SHA-256 | 600ed3a3cac000cdeae2f9e19fa707d65d6b882e05aa67d20e04dbc68db5a864
suse.ncurses.txt
Posted Oct 28, 2000
Site suse.de

SuSE Security Advisory - A vulnerability has been found in the ncurses library, which is used by many text based applications. Insufficient boundary checking leads to a buffer overflow if a user supplies a specially drafted terminfo database file. If an ncurses-linked binary is installed setuid root, it is possible for a local attacker to exploit this hole and gain local root access. SuSE recommends patching this vulnerability by removing the SUID bits from xaos, screen, and cda.

tags | overflow, local, root
systems | linux, suse
SHA-256 | ac12b02288d39d5602539adb46a4349398da66ae75f08fcfd4f548ea2d04d609
suse.ypbind.txt
Posted Oct 18, 2000
Site suse.de

SuSE Security Advisory - Ypbind suffers from remote root format string bugs and needs to be updated.

tags | remote, root
systems | linux, suse
SHA-256 | 55c413d276ef65f6649cc01a60b94fdef0f5fb5882cbfd94775c072f709caa37
Page 1 of 3
Back123Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close