The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Micro Focus Open Enterprise Server

Novell Open Enterprise Server: Cross Site Scripting via Netstorage
An attacker can trigger a Cross Site Scripting via Netstorage of Novell Open Enterprise Server, in order to run JavaScript code in the context of the web site...
CVE-2019-3490, VIGILANCE-VUL-29220
Novell Open Enterprise Server: directory traversal via Remote Manager
An attacker can traverse directories via Remote Manager of Novell Open Enterprise Server, in order to read a file outside the service root path...
CVE-2017-5182, VIGILANCE-VUL-21675
Novell Open Enterprise Server: read-write access
An attacker can bypass access restrictions of Novell Open Enterprise Server, in order to read or alter data...
CVE-2016-5763, VIGILANCE-VUL-21133
Samba: use after free via NetLogon
An unauthenticated attacker can force the usage of a freed memory area in NetLogon of Samba, in order to trigger a denial of service, and possibly to execute code with root privileges...
7014420, bulletinjan2015, c04636672, CERTFR-2015-AVI-078, CVE-2015-0240, DSA-3171-1, FEDORA-2015-2519, FEDORA-2015-2538, HPSBUX03320, MDVSA-2015:081, MDVSA-2015:082, MDVSA-2015:083, openSUSE-SU-2015:0375-1, openSUSE-SU-2016:1064-1, openSUSE-SU-2016:1106-1, openSUSE-SU-2016:1107-1, openSUSE-SU-2016:1108-1, openSUSE-SU-2016:1440-1, RHSA-2015:0249-01, RHSA-2015:0250-01, RHSA-2015:0251-01, RHSA-2015:0252-01, RHSA-2015:0253-01, RHSA-2015:0254-01, RHSA-2015:0255-01, RHSA-2015:0256-01, RHSA-2015:0257-01, SSA:2015-064-01, SSRT101952, SUSE-SU-2015:0353-1, SUSE-SU-2015:0371-1, SUSE-SU-2015:0386-1, USN-2508-1, VIGILANCE-VUL-16242
Novell Client for Linux on OES11 SP2: privilege escalation via nwrights
A local attacker can use a file, with rights granted by nwrights, in order to escalate his privileges...
7014932, CVE-2014-0595, SUSE-SU-2014:0847-1, VIGILANCE-VUL-14721
Novell Open Enterprise Server: denial of service via HTTPSTK
An attacker can generate several SSL errors in HTTPSTK of Novell Open Enterprise Server, in order to trigger a denial of service...
7014063, CVE-2013-3707, VIGILANCE-VUL-13866
Novell Open Enterprise Server: buffer overflow via iPrint
A remote attacker can generate a buffer overflow in Novell iPrint Server, in order to execute code...
7010084, BID-51791, CVE-2011-4194, VIGILANCE-VUL-11338, ZDI-12-031
Linux kernel: memory reading via ipc
A local attacker can use an IPC, in order to read bytes stored in the kernel memory...
BID-43828, BID-43829, BID-45054, BID-45073, CERTA-2002-AVI-272, CVE-2010-4072, CVE-2010-4073, DSA-2126-1, ESX400-201110001, ESX400-201110401-SG, ESX400-201110403-SG, ESX400-201110406-SG, ESX400-201110408-SG, ESX400-201110409-SG, ESX400-201110410-SG, FEDORA-2010-18432, FEDORA-2010-18493, FEDORA-2010-18506, MDVSA-2011:029, MDVSA-2011:051, openSUSE-SU-2010:1047-1, openSUSE-SU-2011:0004-1, openSUSE-SU-2011:0048-1, openSUSE-SU-2011:0346-1, openSUSE-SU-2013:0927-1, RHSA-2010:0958-01, RHSA-2011:0007-01, RHSA-2011:0017-01, RHSA-2011:0162-01, SUSE-SA:2010:060, SUSE-SA:2011:001, SUSE-SA:2011:004, SUSE-SA:2011:007, SUSE-SA:2011:008, SUSE-SA:2011:017, SUSE-SU-2011:0928-1, VIGILANCE-VUL-10008, VMSA-2011-0004.2, VMSA-2011-0009.1, VMSA-2011-0010.2, VMSA-2011-0012, VMSA-2011-0012.1, VMSA-2011-0013, VMSA-2012-0005
crypt_blowfish: hash collision
When the user has a password containing 8 bit characters, the Blowfish hashing algorithm of crypt() generates an invalid hash, which is potentially faster to find with a brute force...
CVE-2011-2483, DSA-2340-1, MDVSA-2011:161, MDVSA-2011:178, MDVSA-2011:179, MDVSA-2011:180, openSUSE-SU-2011:0921-1, openSUSE-SU-2011:0921-2, openSUSE-SU-2011:0970-1, openSUSE-SU-2011:0972-1, openSUSE-SU-2012:0480-1, openSUSE-SU-2013:1670-1, openSUSE-SU-2013:1676-1, RHSA-2011:1377-01, RHSA-2011:1378-01, SUSE-SA:2011:035, SUSE-SU-2011:0922-1, SUSE-SU-2011:0923-1, SUSE-SU-2011:0927-1, SUSE-SU-2011:0971-1, SUSE-SU-2011:0974-1, SUSE-SU-2011:0991-1, SUSE-SU-2011:1081-1, SUSE-SU-2011:1081-2, VIGILANCE-VUL-10934
foomatic-rip: code execution via PPD
When the system is configured to use a foomatic-rip or foomatic-rip-hplip print filter, a local attacker (or remote attacker via CUPS) can print a document, in order to execute code with privileges of the lp user...
698451, CVE-2011-2697, CVE-2011-2964, DSA-2380-1, FEDORA-2011-9554, FEDORA-2011-9575, MDVSA-2011:125, openSUSE-SU-2011:0892-1, RHSA-2011:1109-01, RHSA-2011:1110-01, SUSE-SU-2011:0895-1, VIGILANCE-VUL-10883
Our database contains other pages. You can request a free trial to read them.

Display information about Micro Focus Open Enterprise Server: