NotCVE - vendor:"Novell" product:"Suse Cloud"

Page 7 of 33 results (0.002 seconds)

CVSS: 4.3EPSS: 0%CPEs: 108EXPL: 0

CVE-2015-7976

https://notcve.org/view.php?id=CVE-2015-7976

The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename. El comando savconfig ntpq en NTP 4.1.2, 4.2.x en versiones anteriores a 4.2.8p6, 4.3, 4.3.25, 4.3.70 y 4.3.77 no filtra adecuadamente caracteres especiales, lo que permite a atacantes causar un impacto no especificado a través de un nombre de archivo manipulado. • http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2016-08 • CWE-254: 7PK - Security Features •

CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0

CVE-2014-0592

https://notcve.org/view.php?id=CVE-2014-0592

Barclamp (aka barclamp-network) 1.7 for the Crowbar Framework, as used in SUSE Cloud 3, does not enable netfilter on bridges when creating new instances, which allows remote attackers to bypass security group restrictions via unspecified vectors, related to floating IPs. Barclamp (también conocido como barclamp-network) 1.7 para el framework de Crowbar, utilizado en SUSE Cloud 3, no habilita netfilter en puentes cuando crea instancias nuevas, lo que permite a atacantes remotos evadir restricciones de seguridad de grupo a través de vectores no especificados, relacionado con IPs flotantes. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00025.html http://secunia.com/advisories/57509 http://www.securityfocus.com/bid/66519 https://bugzilla.novell.com/show_bug.cgi?id=864183 https://github.com/crowbar/barclamp-network/pull/269 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2012-0434

https://notcve.org/view.php?id=CVE-2012-0434

The server in Crowbar, as used in SUSE Cloud 1.0, uses weak permissions for the production.log file, which has unspecified impact and attack vectors. El servidor en Crowbar, tal y como se utiliza en SUSE Cloud 1.0, usa permisos débiles para el archivo production.log, el cual tiene un impacto y vectores de ataque sin especificar. • https://bugzilla.novell.com/show_bug.cgi?id=784857 https://support.novell.com/security/cve/CVE-2012-0434.html https://www.suse.com/support/update/announcement/2013/suse-ru-20130020-1.html • CWE-264: Permissions, Privileges, and Access Controls •

1...5 6 7