Security update for supportutils (important)

openSUSE Security Update: Security update for supportutils Announcement ID: openSUSE-SU-2019:0293-1 Rating: important References: 1043311 1046681 1051797 1071545 1105849 1112461 1115245 1117776 1118460 1118462 1118463 1125609 1125666 Cross-References: CVE-2018-19637 CVE-2018-19638 CVE-2018-19639...

SUSE Supportutils Backlink Vulnerability

SUSE Supportutils is a collection of utility programs used in SUSE Linux systems from SUSE Germany. The product has the ability to collect system troubleshooting information, read and interpret the basic-health-check.txt file, and perform a brief analysis of the kernel core files. A backlink...

SUSE Supportutils Backlink Vulnerability (CNVD-2019-39167)

SUSE Supportutils is a collection of utility programs used in SUSE Linux systems from SUSE Germany. The product has the ability to collect system troubleshooting information, read and interpret the basic-health-check.txt file, and perform a brief analysis of the kernel core files. A backlink...

SUSE Supportutils Command Injection Vulnerability

SUSE Supportutils is a collection of utility programs used in SUSE Linux systems from SUSE Germany. The product has the ability to collect system troubleshooting information, read and interpret the basic-health-check.txt file, and perform a brief analysis of the kernel core files. A command...

SUSE Supportutils Input Validation Error Vulnerability

SUSE Supportutils is a collection of utility programs used in SUSE Linux systems from SUSE Germany. The product has the ability to collect system troubleshooting information, read and interpret the basic-health-check.txt file, and perform a brief analysis of the kernel core files. An input...

SUSE-SU-2019:0480-1 Security update for supportutils

This update for supportutils fixes the following issues: Security issues fixed: - CVE-2018-19640: Fixed an issue where users could kill arbitrary processes bsc1118463. - CVE-2018-19638: Fixed an issue where users could overwrite arbitrary log files bsc1118460. - CVE-2018-19639: Fixed a code...

QNAP HelpDesk SQL Injection(CVE-2017-13068)

Vulnerability Summary The following advisory describes a SQL injection found in QTS Helpdesk versions 1.1.12 and earlier. QNAP helpdesk: “Starting from QTS 4.2.2 you can use the built-in Helpdesk app to directly submit help requests to QNAP from your NAS. To do so, ensure your NAS can reach the...

Novell SUSE Linux Enterprise Server/SUSE Linux Enterprise Desktop Code Injection Vulnerability

SuSE Linux Enterprise Server and SUSE Linux Enterprise Desktop are both enterprise server versions of the Linux operating system from the American company Novell. A code injection vulnerability exists in the supportconfig data collection tool in supportutils in Novell SUSE Linux Enterprise Server...

CVE-2016-1602

A code injection in the supportconfig data collection tool in supportutils in SUSE Linux Enterprise Server 12 and 12-SP1 and SUSE Linux Enterprise Desktop 12 and 12-SP1 could be used by local attackers to execute code as the user running supportconfig usually root...

CVE-2016-1602

A code injection in the supportconfig data collection tool in supportutils in SUSE Linux Enterprise Server 12 and 12-SP1 and SUSE Linux Enterprise Desktop 12 and 12-SP1 could be used by local attackers to execute code as the user running supportconfig usually root...

SUSE-RU-2017:0174-1 Recommended update for SUSE Manager Client Tools

This update fixes the following issues: osad: - Fix logfile option for osa-dispatcher. bsc980752 salt: - Update to 2015.8.12 - Add pre-require to salt for minions. - Do not restart salt-minion in salt package. - Add try-restart to sys-v init scripts. - Add 'Restart=on-failure' for salt-minion...

SUSE-SU-2016:1514-1 Security update for supportutils

supportutils was updated to fix one security issue. This security issue was fixed: - CVE-2016-1602: Code injection and privilege escalation via unescaped filenames bsc980670...

SUSE-SU-2016:1507-1 Security update for supportutils

supportutils was updated to fix one security issue. This security issue was fixed: - CVE-2016-1602: Code injection and privilege escalation via unescaped filenames bsc980670...

CVE-2010-3912

CVE-2010-3912 (NORMAL) Affected products: SUSE Linux Enterprise 11 SP1 and 10 SP3, involving the supportconfig script within the supportutils package. Vulnerability: The supportconfig script does not disguise passwords in configuration files it collects. The available description notes unknown im...

SuSE 10 Security Update : supportutils (ZYPP Patch Number 7215)

The supportconfig script did not disguise passwords in the config files it collected. CVE-2010-3912 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid51447;...