Remote Access Vulnerability in SUSE WebYaST Product
CVE-2012-0435

Currently unrated

Key Information:

Vendor: Suse
Status: Webyast
Vendor: CVE Published:; 26 January 2013

Summary

SUSE WebYaST prior to version 1.2 0.2.63-0.6.1 is susceptible to remote exploitation where attackers can manipulate the hosts list through a malicious /host request sent to TCP port 4984. This vulnerability enables unauthorized modifications which may facilitate man-in-the-middle attacks, compromising the integrity and confidentiality of data transmissions. It is crucial for users of affected versions to implement security patches or upgrade to mitigate these risks.

References

http://www.kb.cert.org/vuls/id/806908

third-party-advisoryx_refsource_CERT-VN

http://support.novell.com/security/cve/CVE-2012-0435.html

x_refsource_CONFIRM

https://bugzilla.novell.com/show_bug.cgi?id=792712

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jan 26, 2013