Novell Home

CVE-2012-0435

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-0435 at MITRE

Description

SUSE WebYaST before 1.2 0.2.63-0.6.1 allows remote attackers to modify the hosts list, and subsequently conduct man-in-the-middle attacks, via a crafted /host request on TCP port 4984.

NVD CVSS v2 Base Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)

Novell/SUSE information

Novell Bugzilla entry: 792712

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Studio Standard Edition 1.2
  • webyast-base-ui >= 0.2.63-0.6.1
Builds
SAT Patch Nr: 7236
WebYaST 1.2
  • webyast-base-ui >= 0.2.63-0.6.1
  • webyast-base-ui-branding-default >= 0.2.63-0.6.1
  • webyast-base-ui-testsuite >= 0.2.63-0.6.1
Builds
SAT Patch Nr: 7236

© 2014 Novell