Lucene search

K
suseSuseSUSE-SA:2008:041
HistoryAug 14, 2008 - 6:02 p.m.

remote code execution in openwsman

2008-08-1418:02:43
lists.opensuse.org
78

0.959 High

EPSS

Percentile

99.5%

The openwsman project provides an implementation of the Web Service Management specification. The SuSE Security-Team has found two critical issues in the code: - two remote buffer overflows while decoding the HTTP basic authentication header (CVE-2008-2234) - a possible SSL session replay attack affecting the client (depending on the configuration) (CVE-2008-2233) Both issues were fixed.

Solution

Please install the fixed package.