RSS   Vulnerabilities for 'Suse linux enterprise server'   RSS

2018-06-08
 
CVE-2011-4190

CWE-310
 

 
The kdump implementation is missing the host key verification in the kdump and mkdumprd OpenSSH integration of kdump prior to version 2012-01-20. This is similar to CVE-2011-3588, but different in that the kdump implementation is specific to SUSE. A remote malicious kdump server could use this flaw to impersonate the correct kdump server to obtain security sensitive information (kdump core files).

 
2017-08-09
 
CVE-2015-3405

CWE-331
 

 
ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys.

 
2013-07-17
 
CVE-2013-3809

 

 
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.

 

 >>> Vendor: Opensuse 24 Products
Opensuse
Zypper
Libxcrypt
OSC
SRVX
Evergreen
Libstorage
Libstorage-ng
Suse linux enterprise desktop
Suse linux enterprise server
Suse linux enterprise software development kit
Linux enterprise desktop
Linux enterprise workstation extension
Nonfree
LEAP
Libzypp
Cryptctl
Open build service
Sysconfig
Libsolv
Opensuse leap
Yast2-samba-provision
Yast2-printer
Backports


Copyright 2019, cxsecurity.com

 

Back to Top