rpm package
opensuse/yast2-core&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/yast2-core&distro=openSUSE%20Tumbleweed
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2011-3177 | Hig | 7.8 | < 3.2.0-1.1 | 3.2.0-1.1 | Sep 8, 2017 | The YaST2 network created files with world readable permissions which could have allowed local users to read sensitive material out of network configuration files, like passwords for wireless networks. | |
| CVE-2011-2483 | — | < 3.2.0-1.1 | 3.2.0-1.1 | Aug 25, 2011 | crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of | ||
| CVE-2008-4311 | — | < 4.4.0-1.4 | 4.4.0-1.4 | Dec 10, 2008 | The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving messages, |
- affected < 3.2.0-1.1fixed 3.2.0-1.1
The YaST2 network created files with world readable permissions which could have allowed local users to read sensitive material out of network configuration files, like passwords for wireless networks.
- CVE-2011-2483Aug 25, 2011affected < 3.2.0-1.1fixed 3.2.0-1.1
crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of
- CVE-2008-4311Dec 10, 2008affected < 4.4.0-1.4fixed 4.4.0-1.4
The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving messages,