EUVD-2016-2696

Malware in sbrugna...

SUSE CVE-2016-1601

yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, does not properly set empty password fields in /etc/shadow during an AutoYaST installation when the profile does not contain inst-sys users, which might allow attackers to have unspecified impact via unknown vectors...

Security update for libeconf, shadow and util-linux (moderate)

openSUSE Security Update: Security update for libeconf, shadow and util-linux Announcement ID: openSUSE-SU-2022:0727-1 Rating: moderate References: 1188507 1192954 1193632 1194976 SLE-23384 SLE-23402 Cross-References: CVE-2021-3995 CVE-2021-3996 CVSS scores: CVE-2021-3995 SUSE: 4.7...

CVE-2019-18905

A Insufficient Verification of Data Authenticity vulnerability in autoyast2 of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows remote attackers to MITM connections when deprecated and unused functionality of autoyast is used to create images. This issue affects: SUSE Linux...

openSUSE: Security Advisory for yast2-users (openSUSE-SU-2016:1226-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for yast2-users (important)

yast2-users was updated to fix one security issue. This security issue was fixed: - CVE-2016-1601: Empty passwords fields in /etc/shadow after SLES 12 SP1 autoyast installation bsc974220. This update includes a script that fixes installations that we're affected by this problem. It is run...

SUSE SLED12 / SLES12 Security Update : yast2-users (SUSE-SU-2016:1138-1)

yast2-users was updated to fix one security issue. This security issue was fixed : - CVE-2016-1601: Empty passwords fields in /etc/shadow after SLES 12 SP1 autoyast installation bsc974220. This update includes a script that fixes installations that we're affected by this problem. It is run...

Default credentials

yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, does not properly set empty password fields in /etc/shadow during an AutoYaST installation when the profile does not contain inst-sys users, which might allow attackers to have unspecified impact via unknown vectors...

CVE-2016-1601

yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, does not properly set empty password fields in /etc/shadow during an AutoYaST installation when the profile does not contain inst-sys users, which might allow attackers to have unspecified impact via unknown vectors...

CVE-2016-1601

yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, does not properly set empty password fields in /etc/shadow during an AutoYaST installation when the profile does not contain inst-sys users, which might allow attackers to have unspecified impact via unknown vectors...

CVE-2016-1601

CVE-2016-1601 affects yast2-users prior to 3.1.47 used in SUSE/SLES12 SP1. The issue: during AutoYaST installations, if the profile omits inst-sys users, empty password fields in /etc/shadow are not set correctly, which could lead to an unspecified impact via unknown vectors. Multiple advisories ...