Novell Home

CVE-2011-2660

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2011-2660 at MITRE

Description

The modify_resolvconf_suse script in the vpnc package before 0.5.1-55.10.1 in SUSE Linux Enterprise Desktop 11 SP1 might allow remote attackers to execute arbitrary commands via a crafted DNS domain name.

NVD CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Novell/SUSE information

Novell Bugzilla entry: 708656

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SLE 11 SP1 DEBUGINFO
  • vpnc-debuginfo >= 0.5.1-55.10.1
  • vpnc-debugsource >= 0.5.1-55.10.1
sled11-sp1.x86
sled11-sp1.x86-64
SAT Patch Nr: 5027
SUSE Linux Enterprise Desktop 11 SP1
  • vpnc >= 0.5.1-55.10.1
sled11-sp1.x86
sled11-sp1.x86-64
SAT Patch Nr: 5027
SUSE Linux Enterprise Server 10 SP3 DEBUGINFO
  • vpnc-debuginfo >= 0.5.1-1.7.1
sle10-sp3-sdk.s390x
sles10-sp3-debuginfo.x86
sles10-sp3-debuginfo.x86-64
sle10-sp3-sdk.x86-64
sle10-sp3-sdk.x86
sle10-sp3-sdk.ia64
sle10-sp3-sdk.ppc
ZYPP Patch Nr: 7691
SUSE Linux Enterprise SDK 10 SP3
  • vpnc >= 0.5.1-1.7.1
sle10-sp3-sdk.s390x
sles10-sp3-debuginfo.x86
sles10-sp3-debuginfo.x86-64
sle10-sp3-sdk.x86-64
sle10-sp3-sdk.x86
sle10-sp3-sdk.ia64
sle10-sp3-sdk.ppc
ZYPP Patch Nr: 7691
SLE SDK 10 SP4 for IBM iSeries and IBM pSeries
SLE SDK 10 SP4 for IBM zSeries
SLE SDK 10 SP4 for IPF
SLE SDK 10 SP4 for X86-64
SLE SDK 10 SP4 for x86
SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP4 for x86
  • vpnc >= 0.5.1-1.7.1
sle10-sp4-sdk.s390x
sle10-sp4-sdk.x86
sles10-sp4-debuginfo.x86
sled10-sp4.x86-64
sles10-sp4-debuginfo.x86-64
sle10-sp4-sdk.ppc
sled10-sp4.x86
sle10-sp4-sdk.x86-64
sle10-sp4-sdk.ia64
ZYPP Patch Nr: 7692
SUSE Linux Enterprise 10 SP4 DEBUGINFO for AMD64 and Intel EM64T
SUSE Linux Enterprise 10 SP4 DEBUGINFO for x86
  • vpnc-debuginfo >= 0.5.1-1.7.1
sle10-sp4-sdk.s390x
sle10-sp4-sdk.x86
sles10-sp4-debuginfo.x86
sled10-sp4.x86-64
sles10-sp4-debuginfo.x86-64
sle10-sp4-sdk.ppc
sled10-sp4.x86
sle10-sp4-sdk.x86-64
sle10-sp4-sdk.ia64
ZYPP Patch Nr: 7692

© 2014 Novell