Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Webyast
(Suse)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2013-12-23 | CVE-2013-3709 | WebYaST 1.3 uses weak permissions for config/initializers/secret_token.rb, which allows local users to gain privileges by reading the Rails secret token from this file. | Suse_lifecycle_management_server, Studio_onsite, Webyast | N/A | ||
| 2013-01-26 | CVE-2012-0435 | SUSE WebYaST before 1.2 0.2.63-0.6.1 allows remote attackers to modify the hosts list, and subsequently conduct man-in-the-middle attacks, via a crafted /host request on TCP port 4984. | Webyast | N/A |