Описание
Security update for cryptctl
This update for cryptctl fixes an issue that could have allowed a malicious administrator to craft RPC requests to overwrite files outside of key database. (bsc#1041963 / CVE-2017-9270)
Список пакетов
SUSE Linux Enterprise Server for SAP Applications 12 SP2
cryptctl-1.2.6-5.3.11
Ссылки
- Link for SUSE-SU-2017:1865-1
- E-Mail link for SUSE-SU-2017:1865-1
- SUSE Security Ratings
- SUSE Bug 1041963
- SUSE CVE CVE-2017-9270 page
Описание
In cryptctl before version 2.0 a malicious server could send RPC requests that could overwrite files outside of the cryptctl key database.
Затронутые продукты
SUSE Linux Enterprise Server for SAP Applications 12 SP2:cryptctl-1.2.6-5.3.11
Ссылки
- CVE-2017-9270
- SUSE Bug 1041963