
CVE-2006-6662
https://notcve.org/view.php?id=CVE-2006-6662
20 Dec 2006 — Unspecified vulnerability in Linux User Management (novell-lum) on SUSE Linux Enterprise Desktop 10 and Open Enterprise Server 9, under unspecified conditions, allows local users to log in to the console without a password. Vulnerabilidad sin especificar en el Linux User Management (novell-lum) de SUSE Linux Enterprise Desktop 10 y Open Enterprise Server 9, bajo condiciones sin especificar, permite a usuarios locales validarse en la consola sin contraseña. • http://secunia.com/advisories/23409 • CWE-264: Permissions, Privileges, and Access Controls •

CVE-2006-5616
https://notcve.org/view.php?id=CVE-2006-5616
31 Oct 2006 — Multiple unspecified vulnerabilities in OpenPBS, as used in SUSE Linux 9.2 through 10.1, allow attackers to execute arbitrary code via unspecified vectors. Múltiples vulnerabilidades no especificadas en OpenPBS, tal y como se usa en SUSE Linux 9.2 hasta la 10.1, permite a un atacante ejecutar código de su elección a través de vectores no especificados. • http://lists.suse.com/archive/suse-security-announce/2006-Oct/0007.html •

CVE-2006-2658
https://notcve.org/view.php?id=CVE-2006-2658
12 Sep 2006 — Directory traversal vulnerability in the xsp component in mod_mono in Mono/C# web server, as used in SUSE Open-Enterprise-Server 1 and SUSE Linux 9.2 through 10.0, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an HTTP request. Vulnerabilidad de atravesamiento de directorios en el componente xsp en mod_mono en Mono/C# web server, es usado en SUSE Open-Enterprise-Server 1 y SUSE Linux 9.2 hasta la 10.0, permite a un atacante remoto leer ficheros de su elección a través de la s... • http://lists.suse.com/archive/suse-security-announce/2006-Sep/0005.html •

CVE-2006-0745 – X.Org X11 (X11R6.9.0/X11R7.0) - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2006-0745
21 Mar 2006 — X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile. • https://www.exploit-db.com/exploits/1596 •

CVE-2006-0803
https://notcve.org/view.php?id=CVE-2006-0803
23 Feb 2006 — The signature verification functionality in the YaST Online Update (YOU) script handling relies on a gpg feature that is not intended for signature verification, which prevents YOU from detecting malicious scripts or code that do not pass the signature check when gpg 1.4.x is being used. • http://www.novell.com/linux/security/advisories/2006_09_gpg.html •

CVE-2006-0646
https://notcve.org/view.php?id=CVE-2006-0646
11 Feb 2006 — ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain circumstances when linking binaries, can leave an empty RPATH or RUNPATH, which allows local attackers to execute arbitrary code as other users via by running an ld-linked application from the current directory, which could contain an attacker-controlled library file. • http://lists.suse.com/archive/suse-security-announce/2006-Feb/0003.html •

CVE-2006-0043
https://notcve.org/view.php?id=CVE-2006-0043
31 Jan 2006 — Buffer overflow in the realpath function in nfs-server rpc.mountd, as used in SUSE Linux 9.1 through 10.0, allows local users to execute arbitrary code via unspecified vectors involving mount requests and symlinks. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=350020 •

CVE-2005-4772
https://notcve.org/view.php?id=CVE-2005-4772
31 Dec 2005 — liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013. • http://www.novell.com/linux/security/advisories/2005_22_sr.html •

CVE-2005-4778
https://notcve.org/view.php?id=CVE-2005-4778
31 Dec 2005 — The powersave daemon in SUSE Linux 10.0 before 20051007 has an unspecified "configuration problem," which allows local users to suspend the computer and possibly perform certain other unauthorized actions. • http://lists.suse.com/archive/suse-security-announce/2005-Oct/0002.html •

CVE-2005-4790
https://notcve.org/view.php?id=CVE-2005-4790
31 Dec 2005 — Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions. • http://bugs.gentoo.org/show_bug.cgi?id=188806 •