CVE-2006-5616
https://notcve.org/view.php?id=CVE-2006-5616
Multiple unspecified vulnerabilities in OpenPBS, as used in SUSE Linux 9.2 through 10.1, allow attackers to execute arbitrary code via unspecified vectors. Múltiples vulnerabilidades no especificadas en OpenPBS, tal y como se usa en SUSE Linux 9.2 hasta la 10.1, permite a un atacante ejecutar código de su elección a través de vectores no especificados. • http://lists.suse.com/archive/suse-security-announce/2006-Oct/0007.html http://secunia.com/advisories/22637 http://secunia.com/advisories/24716 http://security.gentoo.org/glsa/glsa-200704-04.xml http://www.securityfocus.com/bid/20776 http://www.vupen.com/english/advisories/2006/4250 https://exchange.xforce.ibmcloud.com/vulnerabilities/29944 •
CVE-2006-2658
https://notcve.org/view.php?id=CVE-2006-2658
Directory traversal vulnerability in the xsp component in mod_mono in Mono/C# web server, as used in SUSE Open-Enterprise-Server 1 and SUSE Linux 9.2 through 10.0, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an HTTP request. Vulnerabilidad de atravesamiento de directorios en el componente xsp en mod_mono en Mono/C# web server, es usado en SUSE Open-Enterprise-Server 1 y SUSE Linux 9.2 hasta la 10.0, permite a un atacante remoto leer ficheros de su elección a través de la secuencia ..(punto punto)en una respueta HTTP. • http://lists.suse.com/archive/suse-security-announce/2006-Sep/0005.html http://secunia.com/advisories/21840 http://secunia.com/advisories/21847 http://securitytracker.com/id?1016821 http://www.securityfocus.com/bid/19929 http://www.vupen.com/english/advisories/2006/3552 •
CVE-2006-2752
https://notcve.org/view.php?id=CVE-2006-2752
The RedCarpet /etc/ximian/rcd.conf configuration file in Novell Linux Desktop 9 and SUSE SLES 9 has world-readable permissions, which allows attackers to obtain the rc (RedCarpet) password. El RedCarpet /etc/Ximian/rcd.conf, archivo de configuración en Novell Linux Desktop 9 y SUSE SLES 9 tiene permisos de lectura en todo el mundo, lo que permite a los atacantes obtener el rc (RedCarpet) contraseña. • http://secunia.com/advisories/20396 http://www.securityfocus.com/archive/1/435491/100/0/threaded •
CVE-2006-2703
https://notcve.org/view.php?id=CVE-2006-2703
The RedCarpet command-line client (rug) does not verify SSL certificates from a server, which allows remote attackers to read network traffic and execute commands via a man-in-the-middle (MITM) attack. • http://secunia.com/advisories/20396 http://www.securityfocus.com/archive/1/435491/100/0/threaded http://www.securityfocus.com/bid/18193 •
CVE-2006-0745 – X.Org X11 (X11R6.9.0/X11R7.0) - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2006-0745
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile. • https://www.exploit-db.com/exploits/1596 http://secunia.com/advisories/19256 http://secunia.com/advisories/19307 http://secunia.com/advisories/19311 http://secunia.com/advisories/19316 http://secunia.com/advisories/19676 http://securityreason.com/securityalert/606 http://securitytracker.com/id?1015793 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102252-1 http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm http://www.mandriva.com/security/advisories?name=MDKSA •