5 matches found
CVE-2017-3224
The CVE-2017-3224 entry concerns Quagga-based OSPF implementations. Affected component: OSPF LSAs with MaxSequenceNumber where recency is determined by sequence number, then checksum, then MaxAge. If two LSAs share the same sequence number, the LSA with the larger checksum is deemed more recent a...
CVE-2010-0230
Summary: CVE-2010-0230 concerns postfix misconfigurations in SUSE Linux Enterprise 10 SP3 and openSUSE 11.2 that allow SMTP listening on all network interfaces, potentially bypassing access restrictions. Affected components/products (from provided documents): postfix in SLE10-SP3 and openSUSE 11....
CVE-2007-2654
CVE-2007-2654 concerns the xfsdump tool: the xfs_fsr component creates a .fsr temporary directory with insecure permissions, enabling local users to read or overwrite arbitrary files on xfs filesystems. This is confirmed by multiple connected sources (Mandriva/MDKSA-2007:134, SUSE SUSEVE- CVE map...
CVE-2011-0469
The CVE-2011-0469 entry concerns a code-injection vulnerability in openSUSE, triggered when running certain source services used by the Open Build Service 2.1 prior to 11 March 2011. Exploitation details are not provided in the current documents, but CVSS metrics indicate a high to critical impac...
CVE-2008-3067
CVE-2008-3067 affects sudo in SUSE/openSUSE 10.3 . The issue is that the process does not clear the standard input buffer when password entry times out, which could allow a local user to obtain the password by reading stdin from the parent process after the sudo child process exits. The provided ...