SUSE-SU-2019:0480-1 Security update for supportutils

This update for supportutils fixes the following issues: Security issues fixed: - CVE-2018-19640: Fixed an issue where users could kill arbitrary processes bsc1118463. - CVE-2018-19638: Fixed an issue where users could overwrite arbitrary log files bsc1118460. - CVE-2018-19639: Fixed a code...

QNAP HelpDesk SQL Injection(CVE-2017-13068)

Vulnerability Summary The following advisory describes a SQL injection found in QTS Helpdesk versions 1.1.12 and earlier. QNAP helpdesk: “Starting from QTS 4.2.2 you can use the built-in Helpdesk app to directly submit help requests to QNAP from your NAS. To do so, ensure your NAS can reach the...

Novell SUSE Linux Enterprise Server/SUSE Linux Enterprise Desktop Code Injection Vulnerability

SuSE Linux Enterprise Server and SUSE Linux Enterprise Desktop are both enterprise server versions of the Linux operating system from the American company Novell. A code injection vulnerability exists in the supportconfig data collection tool in supportutils in Novell SUSE Linux Enterprise Server...

CVE-2016-1602

A code injection in the supportconfig data collection tool in supportutils in SUSE Linux Enterprise Server 12 and 12-SP1 and SUSE Linux Enterprise Desktop 12 and 12-SP1 could be used by local attackers to execute code as the user running supportconfig usually root...

CVE-2016-1602

A code injection in the supportconfig data collection tool in supportutils in SUSE Linux Enterprise Server 12 and 12-SP1 and SUSE Linux Enterprise Desktop 12 and 12-SP1 could be used by local attackers to execute code as the user running supportconfig usually root...

SUSE-RU-2017:0174-1 Recommended update for SUSE Manager Client Tools

This update fixes the following issues: osad: - Fix logfile option for osa-dispatcher. bsc980752 salt: - Update to 2015.8.12 - Add pre-require to salt for minions. - Do not restart salt-minion in salt package. - Add try-restart to sys-v init scripts. - Add 'Restart=on-failure' for salt-minion...

SUSE-SU-2016:1514-1 Security update for supportutils

supportutils was updated to fix one security issue. This security issue was fixed: - CVE-2016-1602: Code injection and privilege escalation via unescaped filenames bsc980670...

SUSE-SU-2016:1507-1 Security update for supportutils

supportutils was updated to fix one security issue. This security issue was fixed: - CVE-2016-1602: Code injection and privilege escalation via unescaped filenames bsc980670...

CVE-2010-3912

CVE-2010-3912 (NORMAL) Affected products: SUSE Linux Enterprise 11 SP1 and 10 SP3, involving the supportconfig script within the supportutils package. Vulnerability: The supportconfig script does not disguise passwords in configuration files it collects. The available description notes unknown im...

SuSE 10 Security Update : supportutils (ZYPP Patch Number 7215)

The supportconfig script did not disguise passwords in the config files it collected. CVE-2010-3912 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid51447;...