Lucene search
SuseOPENSUSE-SU-2013:1961-1HistoryDec 25, 2013 - 6:10 p.m.
Fixes a local vulnerability (important)
2013-12-2518:10:11
lists.opensuse.org
15
EPSS
0.001
Percentile
16.0%
Fixed CVE-2013-3709: make the secret token file
(secret_token.rb) readable only for the webyast user to
avoid forging the session cookie (bnc#851116) (reported by
joernchen of Phenoelit)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE | 13.1 | noarch | webyast-base-branding-default | < 0.3.45.1-2.4.1 | webyast-base-branding-default-0.3.45.1-2.4.1.noarch.rpm |
| openSUSE | 13.1 | noarch | webyast-base | < 0.3.45.1-2.4.1 | webyast-base-0.3.45.1-2.4.1.noarch.rpm |
| openSUSE | 13.1 | noarch | webyast-base-testsuite | < 0.3.45.1-2.4.1 | webyast-base-testsuite-0.3.45.1-2.4.1.noarch.rpm |
References
Related
nessus
nessus
openSUSE Security Update : webyast (openSUSE-SU-2013:1961-1)
2014-06-13 00:00:00
openSUSE Security Update : webyast (openSUSE-SU-2013:1954-1)
2014-06-13 00:00:00
openSUSE Security Update : webyast (openSUSE-SU-2013:1952-1)
2014-06-13 00:00:00
openvas
openvas
SuSE Update for Fixes openSUSE-SU-2013:1961-1 (Fixes)
2013-12-30 00:00:00
openSUSE: Security Advisory for Fixes (openSUSE-SU-2013:1954-1)
2013-12-30 00:00:00
SuSE Update for Fixes openSUSE-SU-2013:1954-1 (Fixes)
2013-12-30 00:00:00
cvelist
cvelist
CVE-2013-3709
2013-12-23 23:00:00
suse
suse
Fixes a local vulnerability (important)
2013-12-25 18:04:15
Security update for WebYaST (important)
2014-01-06 16:04:13
Security update for webyast (important)
2013-12-16 19:04:14
nvd
nvd
CVE-2013-3709
2013-12-23 23:55:04
prion
prion
Design/Logic Flaw
2013-12-23 23:55:00
cve
cve
CVE-2013-3709
2013-12-23 23:55:04