SUSE Security Vulnerabilities
The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request...
6.8AI Score
0.015EPSS
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink...
6.2AI Score
0.0004EPSS
String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root...
7AI Score
0.007EPSS
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root...
9.6AI Score
0.081EPSS
Tnef program in Linux systems allows remote attackers to overwrite arbitrary files via TNEF encoded compressed attachments which specify absolute path names for the decompressed...
7.2AI Score
0.003EPSS
The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable permissions, which allows a local attacker in the dialout group to access login and password...
6.8AI Score
0.0004EPSS
Linux cdwtools 093 and earlier allows local users to gain root privileges via the /tmp...
7AI Score
0.0004EPSS
Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY...
8AI Score
0.071EPSS
Buffer overflows in Linux cdwtools 093 and earlier allows local users to gain root...
7AI Score
0.0004EPSS
Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint...
7.7AI Score
0.0004EPSS
The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as...
6.9AI Score
0.0004EPSS
gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from...
6.5AI Score
0.0004EPSS
Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root...
6.9AI Score
0.0004EPSS
SuSE Linux IMAP server allows remote attackers to bypass IMAP authentication and gain...
7.6AI Score
0.006EPSS
6.9AI Score
0.011EPSS
aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp...
6.8AI Score
0.0004EPSS
Buffer overflow in sccw allows local users to gain root access via the HOME environmental...
6.8AI Score
0.0004EPSS
Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative...
7.2AI Score
0.0004EPSS
A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of...
6.6AI Score
0.008EPSS
7.3AI Score
0.0004EPSS
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of...
7.1AI Score
0.003EPSS
suidperl in Linux Perl does not check the nosuid mount option on file systems, allowing local users to gain root access by placing a setuid script in a mountable file system, e.g. a CD-ROM or floppy...
6.9AI Score
0.0004EPSS
6.9AI Score
0.002EPSS
7.3AI Score
0.014EPSS
Buffer overflow in gnuplot in Linux version 3.5 allows local users to obtain root...
6.9AI Score
0.0004EPSS
Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header...
7AI Score
0.002EPSS
7.5AI Score
0.0004EPSS
7.1AI Score
0.0004EPSS
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of...
7.1AI Score
0.0004EPSS