VYPR

rpm package

suse/openwsman&distro=SUSE Linux Enterprise Server 11 SP4

pkg:rpm/suse/openwsman&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4

Vulnerabilities (2)

  • CVE-2019-3833HigMar 14, 2019
    affected < 2.2.3-0.16.8.1fixed 2.2.3-0.16.8.1

    Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to o

  • CVE-2019-3816HigMar 14, 2019
    affected < 2.2.3-0.16.8.1fixed 2.2.3-0.16.8.1

    Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request t