SuSE Linux Distribution - Page 369
Find the information you need for your favorite open source distribution .
SuSE: 'sgmltool' vulnerability
During operation, the underlying SGML perlmodule creates temporary files in an insecure way.
SuSE: hylafax format string vulnerability
As long as hfaxd(8c) is installed setuid root, it may be possible to gain root access locally.
SuSE: 'nedit' vulnerability
When printing a whole text or selected parts of a text, nedit(1) creates a temporary file in an insecure manner. This behavior could be exploited to gain access to other users privileges, even root.
SuSE: 'sudo' vulnerability
sudo(8) previous to version 1.6.3p6 is vulnerable by a buffer overflow in it's logging code, which could lead to local root compromise.
SuSE: vim/gvim local privilege escalation
A tmp race condition and other vulnerabilities exist that may be used to gain unauthorized access to more privileges.
SuSE: mc local privilege escalation
A local attacker could trick mc into executing commands with the privileges of the user running mc
SuSE: 'xntp' buffer overflow
An exploit published by Przemyslaw Frasunek demonstrates a buffer overflow in the control request parsing code of the ntpd.
SuSE: 'joe' vulnerability
A bug in joe(1), a userfriendly text editor, was found by Christer Öberg of Wkit Security AB a few weeks ago.
SuSE: 'eperl' buffer overflows
Fumitoshi Ukai and Denis Barbier have found several potential buffer overflows, which could lead to local privilege escalation if installed setuid or to remote compromise.
SuSE: 'nkitb/nkitserv' vulnerabilities
Two parts of the nkitb/nkitserv package are vulnerable to security related bugs.
SuSE: 'pop' buffer overflows
The eMail access daemons impad(8), ipop2d(8) and ipop3d(8) of SuSE 6.1 are vulnerable to several buffer overflows.
SuSE: 'cups' vulnerabilities
A SuSE-internal security audit of the cups package conducted by Sebastian Krahmer and Thomas Biege revealed several overflows as well as insecure file handling.
SuSE: UPDATED: 'ssh' vulnerabilities
Possible remote root compromise and other issues with previous versions of ssh.
SuSE: 'ssh' remote compromise
Possible remote root compromise exists with previous versions of ssh. Other issues exist.
SuSE: 'bind' vulnerabilities
bind-8.x in all versions of the SuSE distributions contain a bug in the transaction signature handling code that can allow to remotely over-flow a buffer.
SuSE: 'kdesu' vulnerability
kdesu has a flaw which may allow a malicious user to retrieve the root password by listening to a UNIX socket.
SuSE: 'glibc' vulnerability
The dynamic linker will add user-defined shared libraries to the memory space of a program to be started.
SuSE: 'netscape' buffer overflow
Michal Zalewski has found a buffer overflow in the html parser code of the Netscape Navigator in all versions before and including 4.75.
SuSE: 'openssh/ssh' vulnerability
Many vulnerabilities have been found in the openssh package, along with a compilation problem in the openssh and ssh packages in the SuSE-7.0 distribution.
SuSE: 'tcpdump' vulnerabiltiy
Several overflowable buffers have been found in SuSE's version of tcpdump that could allow a remote attacker to crash the local tcpdump process.
