SUSE CVE-2018-19637

Supportutils, before version 3.1-5.7.1, wrote data to static file /tmp/supplog, allowing local attackers to overwrite files on systems without symlink protection...

SUSE CVE-2018-19640

If the attacker manages to create files in the directory used to collect log files in supportutils before version 3.1-5.7.1 e.g. with CVE-2018-19638 he can kill arbitrary processes on the local machine...

SUSE CVE-2018-19639

If supportutils before version 3.1-5.7.1 is run with -v to perform rpm verification and the attacker manages to manipulate the rpm listing e.g. with CVE-2018-19638 he can execute arbitrary commands as root...

SUSE CVE-2022-45154

A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 15 SP3 allows attackers that get access to the support logs to gain knowledge of the stored credentials This issue affects:...

CVE-2022-45154 supportconfig does not remove passwords in /etc/iscsi/iscsid.conf and /etc/target/lio_setup.sh

A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 15 SP3 allows attackers that get access to the support logs to gain knowledge of the stored credentials This issue affects:...

CVE-2022-45154 supportconfig does not remove passwords in /etc/iscsi/iscsid.conf and /etc/target/lio_setup.sh

A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 15 SP3 allows attackers that get access to the support logs to gain knowledge of the stored credentials This issue affects:...

SUSE SLES15 Security Update : supportutils (SUSE-SU-2022:4594-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:4594-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL...

SUSE: Security Advisory (SUSE-SU-2022:4594-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2022-37539 · Unknown · Supportutils

Name of the Vulnerable Software and Affected Versions: supportutils affected versions not specified Description: The issue concerns the removal of passwords from certain files, including email.txt, updates.txt, and fs-iscsi.txt. This is a security fix to prevent potential exposure of sensitive...

SUSE SLED15 / SLES15 Security Update : supportutils (SUSE-SU-2022:4278-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:4278-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

SUSE: Security Advisory (SUSE-SU-2022:4278-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:4294-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:4294-1 Security update for supportutils

This update for supportutils fixes the following issues: Security issues fixed: - Passwords correctly removed from email.txt, updates.txt and fs-iscsi.txt bsc1203818...

PT-2022-37535 · Unknown · Supportutils

Name of the Vulnerable Software and Affected Versions: supportutils affected versions not specified Description: The issue concerns the removal of passwords from certain files, including email.txt, updates.txt, and fs-iscsi.txt. This is a security fix to prevent potential exposure of sensitive...

PT-2022-37536 · Unknown · Supportutils

Name of the Vulnerable Software and Affected Versions: supportutils affected versions not specified Description: The issue concerns the incorrect handling of passwords in certain files, specifically email.txt, updates.txt, and fs-iscsi.txt. This could potentially lead to password exposure...

SUSE: Security Advisory (SUSE-SU-2021:14753-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES11 Security Update : supportutils (SUSE-SU-2019:13976-1)

The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:13976-1 advisory. - Supportutils, before version 3.1-5.7.1, when run with command line argument -A searched the file system for a ndspath binary. If an attacker...

SUSE: Security Advisory (SUSE-SU-2016:1514-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:13976-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:0480-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...