📦

suse_linux

Vendor: suse

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 27 Code Available
Total RCEs 15 Remote Access
Total CVEs 344 Total Indexed
Avg. EPSS 1.69% Exploit Prob.
Latest CVE CVE-2010-3912 Jan 13

Security Vulnerability Index

Page 5 / 35
6.4 CVSS
CVE-2004-0949

The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times.

EPSS: 3.73%
2.1 CVSS
CVE-2004-1190

SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only, which could allow local users to conduct unauthorized write activities to modify the firmware of associated SCSI devices.

EPSS: 0.09%
1.2 CVSS
CVE-2004-1191

Race condition in SuSE Linux 8.1 through 9.2, when run on SMP systems that have more than 4GB of memory, could allow local users to read unauthorized memory from "foreign memory pages."

EPSS: 0.07%
7.2 CVSS
CVE-2004-1070
RCE

The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code.

EPSS: 0.07%
2.1 CVSS
CVE-2004-1895

YaST Online Update (YOU) in SuSE 8.2 and 9.0 allows local users to overwrite arbitrary files via a symlink attack on you-$USER/cookies.

EPSS: 0.10%
2.1 CVSS
CVE-2004-2097

Multiple scripts on SuSE Linux 9.0 allow local users to overwrite arbitrary files via a symlink attack on (1) /tmp/fvwm-bug created by fvwm-bug, (2) /tmp/wmmenu created by wm-oldmenu2new, (3) /tmp/rates created by x11perfcomp, (4) /tmp/xf86debug.1.log created by xf86debug, (5) /tmp/.winpopup-new created by winpopup-send.sh, or (6) /tmp/initrd created by lvmcreate_initrd.

EPSS: 0.11%
5.0 CVSS
CVE-2004-0592

The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2.6.5 kernel with USAGI patches, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type, a similar flaw to CVE-2004-0626.

EPSS: 0.74%
2.1 CVSS
CVE-2004-2658

resmgr in SUSE CORE 9 does not properly identify terminal names, which allows local users to spoof terminals and login types.

EPSS: 0.06%
5.0 CVSS
CVE-2004-0626

The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type.

EPSS: 1.74%
2.1 CVSS
CVE-2004-0587

Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.

EPSS: 0.05%