Detections
Analytics
SuSE 11 Security Update : Mono (SAT Patch Number 1100)
high Nessus Plugin ID 41371
Synopsis
The remote SuSE 11 host is missing one or more security updates.Description
The XML signature checker did not impose limits on the minimum length of HMAC signatures in XML documents. Attackers could therefore specify a length of e.g. 1 to make the signature appear valid and therefore effectively bypass verification of XML documents.Solution
Apply SAT patch number 1100.See Also
Plugin Details
Severity: High
ID: 41371
File Name: suse_11_bytefx-data-mysql-090715.nasl
Version: 1.10
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 9/24/2009
Updated: 1/14/2021
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:11:bytefx-data-mysql, p-cpe:/a:novell:suse_linux:11:ibm-data-db2, p-cpe:/a:novell:suse_linux:11:mono-core, p-cpe:/a:novell:suse_linux:11:mono-data, p-cpe:/a:novell:suse_linux:11:mono-data-firebird, p-cpe:/a:novell:suse_linux:11:mono-data-oracle, p-cpe:/a:novell:suse_linux:11:mono-data-postgresql, p-cpe:/a:novell:suse_linux:11:mono-data-sqlite, p-cpe:/a:novell:suse_linux:11:mono-data-sybase, p-cpe:/a:novell:suse_linux:11:mono-devel, p-cpe:/a:novell:suse_linux:11:mono-extras, p-cpe:/a:novell:suse_linux:11:mono-jscript, p-cpe:/a:novell:suse_linux:11:mono-locale-extras, p-cpe:/a:novell:suse_linux:11:mono-nunit, p-cpe:/a:novell:suse_linux:11:mono-web, p-cpe:/a:novell:suse_linux:11:mono-winforms, cpe:/o:novell:suse_linux:11
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Patch Publication Date: 7/15/2009