The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Novell Open Enterprise Server

Novell Open Enterprise Server: buffer overflow via iPrint
A remote attacker can generate a buffer overflow in Novell iPrint Server, in order to execute code...
7010084, BID-51791, CVE-2011-4194, VIGILANCE-VUL-11338, ZDI-12-031
Linux kernel: memory reading via ipc
A local attacker can use an IPC, in order to read bytes stored in the kernel memory...
BID-43828, BID-43829, BID-45054, BID-45073, CERTA-2002-AVI-272, CVE-2010-4072, CVE-2010-4073, DSA-2126-1, ESX400-201110001, ESX400-201110401-SG, ESX400-201110403-SG, ESX400-201110406-SG, ESX400-201110408-SG, ESX400-201110409-SG, ESX400-201110410-SG, FEDORA-2010-18432, FEDORA-2010-18493, FEDORA-2010-18506, MDVSA-2011:029, MDVSA-2011:051, openSUSE-SU-2010:1047-1, openSUSE-SU-2011:0004-1, openSUSE-SU-2011:0048-1, openSUSE-SU-2011:0346-1, openSUSE-SU-2013:0927-1, RHSA-2010:0958-01, RHSA-2011:0007-01, RHSA-2011:0017-01, RHSA-2011:0162-01, SUSE-SA:2010:060, SUSE-SA:2011:001, SUSE-SA:2011:004, SUSE-SA:2011:007, SUSE-SA:2011:008, SUSE-SA:2011:017, SUSE-SU-2011:0928-1, VIGILANCE-VUL-10008, VMSA-2011-0004.2, VMSA-2011-0009.1, VMSA-2011-0010.2, VMSA-2011-0012, VMSA-2011-0012.1, VMSA-2011-0013, VMSA-2012-0005
crypt_blowfish: hash collision
When the user has a password containing 8 bit characters, the Blowfish hashing algorithm of crypt() generates an invalid hash, which is potentially faster to find with a brute force...
CVE-2011-2483, DSA-2340-1, MDVSA-2011:161, MDVSA-2011:178, MDVSA-2011:179, MDVSA-2011:180, openSUSE-SU-2011:0921-1, openSUSE-SU-2011:0921-2, openSUSE-SU-2011:0970-1, openSUSE-SU-2011:0972-1, openSUSE-SU-2012:0480-1, openSUSE-SU-2013:1670-1, openSUSE-SU-2013:1676-1, RHSA-2011:1377-01, RHSA-2011:1378-01, SUSE-SA:2011:035, SUSE-SU-2011:0922-1, SUSE-SU-2011:0923-1, SUSE-SU-2011:0927-1, SUSE-SU-2011:0971-1, SUSE-SU-2011:0974-1, SUSE-SU-2011:0991-1, SUSE-SU-2011:1081-1, SUSE-SU-2011:1081-2, VIGILANCE-VUL-10934
foomatic-rip: code execution via PPD
When the system is configured to use a foomatic-rip or foomatic-rip-hplip print filter, a local attacker (or remote attacker via CUPS) can print a document, in order to execute code with privileges of the lp user...
698451, CVE-2011-2697, CVE-2011-2964, DSA-2380-1, FEDORA-2011-9554, FEDORA-2011-9575, MDVSA-2011:125, openSUSE-SU-2011:0892-1, RHSA-2011:1109-01, RHSA-2011:1110-01, SUSE-SU-2011:0895-1, VIGILANCE-VUL-10883
Samba: two vulnerabilities of SWAT
An attacker can use two vulnerabilities of Samba Web Administration Tool, in order to create a Cross Site Request Forgery and a Cross Site Scripting...
8289, 8290, 8347, BID-48899, BID-48901, c03297338, CERTA-2011-AVI-416, CERTA-2011-AVI-493, CERTA-2012-AVI-232, CVE-2011-2522, CVE-2011-2694, DSA-2290-1, FEDORA-2011-10341, FEDORA-2011-10367, HPSBUX02768, MDVSA-2011:121, openSUSE-SU-2011:0998-1, RHSA-2011:1219-01, RHSA-2011:1220-01, RHSA-2011:1221-01, SSA:2011-210-03, SSRT100664, SUSE-SU-2011:0981-1, SUSE-SU-2011:0999-1, SUSE-SU-2011:1001-1, SUSE-SU-2011:1002-1, VIGILANCE-VUL-10871
ClamAV: denial of service via cli_hm_scan
An attacker can send an email containing a malicious attachment, in order to generate an error in the cli_hm_scan() function, which stops ClamAV...
2818, BID-48891, CVE-2011-2721, FEDORA-2011-10053, FEDORA-2011-10090, MDVSA-2011:122, openSUSE-SU-2011:0940-1, SUSE-SU-2011:0948-1, VIGILANCE-VUL-10870
libpng: denial of service via sCAL
An attacker can invite the victim to display a malicious PNG image, in order to generate a denial of service in applications linked to libpng...
BID-48618, CERTA-2003-AVI-037, CVE-2011-2692, DSA-2287-1, FEDORA-2011-10928, FEDORA-2011-10954, FEDORA-2011-8844, FEDORA-2011-8867, FEDORA-2011-9336, FEDORA-2011-9343, MDVSA-2011:151, openSUSE-SU-2011:0915-1, RHSA-2011:1103-01, RHSA-2011:1104-01, RHSA-2011:1105-01, SUSE-SU-2011:0916-1, SUSE-SU-2011:0919-1, VIGILANCE-VUL-10820, VU#819894
libpng: denial of service of png_format_buffer
An attacker can invite the victim to display a malformed PNG image, in order to stop applications linked to libpng...
BID-48474, BID-48660, CERTA-2003-AVI-037, CVE-2011-2501, CVE-2011-2691, DSA-2287-1, FEDORA-2011-8844, FEDORA-2011-8867, FEDORA-2011-8868, FEDORA-2011-8874, FEDORA-2011-9336, FEDORA-2011-9343, MDVSA-2011:151, openSUSE-SU-2011:0915-1, RHSA-2011:1105-01, SUSE-SU-2011:0916-1, SUSE-SU-2011:0919-1, VIGILANCE-VUL-10782
Java JRE/JDK: several vulnerabilities
Several vulnerabilities of Java JRE/JDK can be used by a malicious applet/application in order to execute code or to obtain information. A legitimate applet/application, handling malicious data, can also be forced to execute code...
BID-48133, BID-48134, BID-48135, BID-48136, BID-48137, BID-48138, BID-48139, BID-48140, BID-48141, BID-48142, BID-48143, BID-48144, BID-48145, BID-48146, BID-48147, BID-48148, BID-48149, c02945548, c03316985, c03358587, c03405642, CERTA-2003-AVI-005, CERTA-2011-AVI-336, CERTA-2012-AVI-286, CERTA-2012-AVI-395, CVE-2011-0786, CVE-2011-0788, CVE-2011-0802, CVE-2011-0814, CVE-2011-0815, CVE-2011-0817, CVE-2011-0862, CVE-2011-0863, CVE-2011-0864, CVE-2011-0865, CVE-2011-0866, CVE-2011-0867, CVE-2011-0868, CVE-2011-0869, CVE-2011-0871, CVE-2011-0872, CVE-2011-0873, DSA-2311-1, DSA-2358-1, FEDORA-2011-8003, FEDORA-2011-8020, FEDORA-2011-8028, HPSBMU02797, HPSBMU02799, HPSBUX02697, HPSBUX02777, javacpujune2011, MDVSA-2011:126, openSUSE-SU-2011:0633-1, openSUSE-SU-2011:0706-1, PSN-2012-08-686, PSN-2012-08-687, PSN-2012-08-688, PSN-2012-08-689, PSN-2012-08-690, RHSA-2011:0856-01, RHSA-2011:0857-01, RHSA-2011:0860-01, RHSA-2011:0938-01, RHSA-2011:1087-01, RHSA-2011:1159-01, RHSA-2011:1265-01, RHSA-2013:1455-01, RHSA-2013:1456-01, SSRT100591, SSRT100854, SSRT100867, SUSE-SA:2011:030, SUSE-SA:2011:032, SUSE-SA:2011:036, SUSE-SU-2011:0632-1, SUSE-SU-2011:0807-1, SUSE-SU-2011:0863-1, SUSE-SU-2011:0863-2, SUSE-SU-2011:0966-1, SUSE-SU-2011:1082-1, TPTI-11-06, VIGILANCE-VUL-10722, VMSA-2011-0013.1, ZDI-11-182, ZDI-11-183, ZDI-11-184, ZDI-11-185, ZDI-11-186, ZDI-11-187, ZDI-11-188, ZDI-11-189, ZDI-11-190, ZDI-11-191, ZDI-11-192, ZDI-11-199
Cyrus IMAP: command injection with STARTTLS
Even when the IMAP client checks the TLS certificate of the messaging server, an attacker can inject commands in the session...
3424, CVE-2011-1926, DSA-2242-1, DSA-2258-1, FEDORA-2011-7193, FEDORA-2011-7217, MDVSA-2011:100, openSUSE-SU-2011:0800-1, RHSA-2011:0859-01, SUSE-SU-2011:0767-1, SUSE-SU-2011:0776-1, SUSE-SU-2011:0776-2, SUSE-SU-2011:0791-1, VIGILANCE-VUL-10617
Our database contains other pages. You can request a free trial to read them.

Display information about Novell Open Enterprise Server: