SUSE-SA:2006:009: gpg,liby2util

The remote host is missing the patch for the advisory SUSE-SA:2006:009 gpg,liby2util. With certain handcraftable signatures GPG was returning a 0 valid signature when used on command-line with option --verify. This only affects GPG version 1.4.x, so it only affects SUSE Linux 9.3 and 10.0. Other...

CVE-2005-4789

resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, does not properly enforce class-specific exclude rules in some situations, which allows local users to bypass intended access restrictions for USB devices that set their class ID at the interface level...

SUSE-SA:2005:068: kernel

The remote host is missing the patch for the advisory SUSE-SA:2005:068 kernel. The Linux kernel was updated to fix several security problems and several bugs, listed below: Security fixes: - CVE-2005-3783: A check in ptrace2 handling that finds out if a process is attaching to itself was incorrec...

SUSE-SA:2005:050: kernel

The remote host is missing the patch for the advisory SUSE-SA:2005:050 kernel. The Linux kernel was updated to fix the following security issues: - CVE-2005-2457: A problem in decompression of files on 'zisofs' filesystem was fixed. - CVE-2005-2458: A potential buffer overflow in the zlib...

CVE-2005-3013

Buffer overflow in liby2util in Yet another Setup Tool YaST for SuSE Linux 9.3 allows local users to execute arbitrary code via a long Loc entry...

CVE-2005-3013

CVE-2005-3013 describes a buffer overflow in the liby2util component of YaST on SUSE Linux 9.3. The overflow is triggered by a long Loc entry and allows local users to execute arbitrary code. The vulnerability is local with low attack complexity and no authentication required, resulting in partia...

SUSE-SA:2005:033: spamassassin

The remote host is missing the patch for the advisory SUSE-SA:2005:033 spamassassin. The anti spam tool SpamAssassin was prone to a denial-of-service attack. A remote attacker could craft a MIME E-Mail message that would waste a lot of CPU cycles parsing the Content-Type header. This is tracked b...

SUSE Security Announcement: zlib denial of service attack (SUSE-SA:2005:039)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUSE Security Announcement Package: zlib Announcement ID: SUSE-SA:2005:039 Date: Wed, 06 Jul 2005 14:00:00 +0000 Affected Products: 9.1, 9.2, 9.3 SUSE Linux Enterprise Server 9 Novell Linux Desktop 9 Open Enterprise Server Vulnerability Type: remote...

CVE-2005-2023

The sendpinentryenvironment function in asshelp.c in gpg2 on SUSE Linux 9.3 does not properly handle certain options, which can prevent pinentry from being found and causes S/MIME signing to fail...

CVE-2005-2023

Technical details about CVE-2005-2023 are not publicly provided in the supplied documents; monitor for updates.

CVE-2005-2023

The sendpinentryenvironment function in asshelp.c in gpg2 on SUSE Linux 9.3 does not properly handle certain options, which can prevent pinentry from being found and causes S/MIME signing to fail...

CVE-2005-2023

The sendpinentryenvironment function in asshelp.c in gpg2 on SUSE Linux 9.3 does not properly handle certain options, which can prevent pinentry from being found and causes S/MIME signing to fail...

CVE-2005-2023

The sendpinentryenvironment function in asshelp.c in gpg2 on SUSE Linux 9.3 does not properly handle certain options, which can prevent pinentry from being found and causes S/MIME signing to fail...

CVE-2005-1831

CVE-2005-1831 refers to Sudo 1.6.8p7 on SuSE Linux 9.3 (and possibly other distros) where local users could gain privileges by using sudo to run su, then entering a blank password and pressing CTRL-C. Several researchers could not reproduce the issue, noting that Sudo catches SIGINT and returns a...

SUSE-SA:2005:025: OpenOffice_org

The remote host is missing the patch for the advisory SUSE-SA:2005:025 OpenOfficeorg. This security update fixes a buffer overflow in OpenOfficeorg Microsoft Word document reader which could allow a remote attacker sending a handcrafted .doc file to execute code as the user opening the document i...

[Full-disclosure] SUSE Security Announcement: cvs (SUSE-SA:2005:024)

-----BEGIN PGP SIGNED MESSAGE----- SUSE Security Announcement Package: cvs Announcement-ID: SUSE-SA:2005:024 Date: Monday, Apr 18st 2005 13:30 MEST Affected products: 8.2, 9.0, 9.1, 9.2, 9.3 SUSE CORE 9 for x86 SuSE Linux Enterprise Server 8, 9 UnitedLinux 1.0 School-Server 1 Open-Enterprise-Serv...

SUSE-SA:2005:022: kdelibs3

The remote host is missing the patch for the advisory SUSE-SA:2005:022 kdelibs3. Several vulnerabilities have been identified and fixed in the KDE desktop environment. - A buffer overflow via specially crafted PCX pictures was fixed. This could lead to a remote attacker being able to execute code...