SuSE Linux Distribution - Page 737
Find the information you need for your favorite open source distribution .
SuSE: 'gnorpm' update
Insecure temporary file handling may cause the gnorpm package to overwrite arbitrary files on the system.
SuSE: 'syslogd/klogd' vulnerability
Errors in both the klogd and the syslogd can cause both daemons do die when specially designed strings get passed to the kernel by the user.
SuSE: 'pam_smb' vulnerability
Versions 1.1.5 and before contain a buffer overflow that would allow a remote attacker to gain root access on the target host.
SuSE: 'apache' vulnerabilities.
The configuration file for apache contains two security relevant errors.
SuSE: 'screen' vulnerability
screen, a tty multiplexer, is installed suid root by default on SuSE Linux distributions.
SuSE: 'shlibs' vulnerability
The glibc implementations in all SuSE distributions starting with SuSE-6.0 have multiple security problems
SuSE: Netscape vulnerability [updated]
Two security problems exist in the netscape package as shipped with SuSE Linux distributions.
SuSE: perl vulnerability
suidperl is the perl interpreter for suid perl scripts, a part of the perl package. A maliciously implemented feature causes the interpreter to spawn the /bin/mail program to inform the superuser of its usage, thereby passing on untrusted environment that causes /bin/mail to execute arbitrary commands as user root.
SuSE: knfsd vulnerability
Due to incorrect string parsing in the code, a remote attacker could gain root priviledges on the machine running the vulnerable rpc.kstatd. This advisory contains other general security information as well.
SuSE: Misc Security Info
This advisory contains information on the status of several outstanding potential security vulnerabilities present in SuSE Linux.
SuSE: nkitb vulnerability
It may be possible for an attacker to modify his/her DNS record to execute abitrary machine code as root while connecting to the standard ftp daemon.
SuSE: makewhatis not vulnerable
makewhatis from man package reported to not be vulnerable to /tmp race condition bug.
SuSE: Kernel update
The implementation of the capability feature of the kernel 2.2.x < 2.2.16 is faulty.
SuSE: Updated wu-ftpd package
The wu-ftp FTP server does not do proper bounds checking while processing the SITE EXEC command.
SuSE: kmulti local root compromise
An adversary could set SHELL to his own program to get local root access to the system by writing directly to the raw HDD device.
