Vulnerabilities > Suse > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-12-31 | CVE-2003-1538 | Improper Input Validation vulnerability in Suse products susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries. | 6.4 |
2003-11-17 | CVE-2003-0847 | Local Security vulnerability in Suse Linux 8.2 SuSEconfig.susewm in the susewm package on SuSE Linux 8.2Pro allows local users to overwrite arbitrary files via a symlink attack on the susewm.$$ temporary file. | 4.6 |
2003-11-17 | CVE-2003-0846 | Local Security vulnerability in Suse Linux 7.3 SuSEconfig.javarunt in the javarunt package on SuSE Linux 7.3Pro allows local users to overwrite arbitrary files via a symlink attack on the .java_wrapper temporary file. | 4.6 |
2002-12-31 | CVE-2002-2185 | Denial Of Service vulnerability in Multiple Vendor Spoofed IGMP Report The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network. | 4.9 |
2001-12-06 | CVE-2001-0851 | Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie. | 5.0 |
2001-12-06 | CVE-2001-0834 | Remote Denial of Service/File Disclosure vulnerability in ht://Dig htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file. | 6.4 |
2001-11-22 | CVE-2001-0918 | Unspecified vulnerability in Suse Linux 7.2/7.3 Vulnerabilities in CGI scripts in susehelp in SuSE 7.2 and 7.3 allow remote attackers to execute arbitrary commands by not opening files securely. | 5.1 |
2001-09-20 | CVE-2001-0641 | Heap Overflow vulnerability in Man -S Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option. | 4.6 |
2001-08-02 | CVE-2001-0610 | Local Security vulnerability in Linux kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp. | 4.6 |
2001-01-09 | CVE-2000-1107 | Unspecified vulnerability in Suse Linux in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash. | 5.0 |