SUSE: 2014:0917-1 High: Nfs Server Privilege Escalation
suse
May 31, 2013
An update that fixes one vulnerability is now available
Summary
The SUSE Linux Enterprise 11 SP2 Realtime kernel has been
updated to fix a critical security issue.
*
CVE-2013-2850: Incorrect strncpy usage in the network
listening part of the iscsi target driver could have been
used by remote attackers to crash the kernel or execute
code.
This required the iscsi target running on the machine
and the attacker able to make a network connection to it
(aka not filtered by firewalls).
Security Issue reference:
* CVE-2013-2850
Topics Covered
References
#821560
Cross- CVE-2013-2850
Affected Products:
SUSE Linux Enterprise Server 11 SP2 for VMware
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Real Time 11 SP2
SUSE Linux Enterprise High Availability Extension 11 SP2
SUSE Linux Enterprise Desktop 11 SP2
SLE 11 SERVER Unsupported Extras
https://www.suse.com/security/cve/CVE-2013-2850.html
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2013:0845-1
Rating: critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!