Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-15638 (GCVE-0-2017-15638)
Vulnerability from cvelistv5 – Published: 2017-11-09 19:00 – Updated: 2024-08-05 19:57
VLAI?
EPSS
Summary
The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for _rpc_ services.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Date Public ?
2017-11-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2017:2940",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2017-11/msg00014.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-11-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for _rpc_ services."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "openSUSE-SU-2017:2940",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2017-11/msg00014.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15638",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for _rpc_ services."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2017:2940",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2017-11/msg00014.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15638",
"datePublished": "2017-11-09T19:00:00.000Z",
"dateReserved": "2017-10-19T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:57:27.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2017-15638",
"date": "2026-04-30",
"epss": "0.0022",
"percentile": "0.44484"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-15638\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-11-10T02:29:18.543\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for _rpc_ services.\"},{\"lang\":\"es\",\"value\":\"El paquete SuSEfirewall2 en versiones anteriores a la 3.6.312-2.13.1 en SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2 y Server para Raspberry Pi 12 SP2; en versiones anteriores a la 3.6.312.333-3.10.1 en SLE Desktop 12 SP3 y Server 12 SP3; en versiones anteriores a la 3.6_SVNr208-2.18.3.1 en SLE Server 11 SP4; en versiones anteriores a la 3.6.312-5.9.1 en openSUSE Leap 42.2 y en versiones anteriores a la 3.6.312.333-7.1 en openSUSE Leap 42.3 podr\u00eda permitir que atacantes remotos omitan las restricciones de acceso planeadas en el servicio portmap aprovechando la ausencia de una restricci\u00f3n de red de origen para servicios _rpc_.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":2.5}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:P\",\"baseScore\":6.4,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:susefirewall2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A285BB5-22CD-460E-88AE-A0B068DC38C5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"57CFAD92-EECD-417D-ADDB-8178C320B204\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1DCD75C-9775-4922-8A44-C4707C640946\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"55C5561F-BE86-4EEA-99D4-8697F8BD9DFE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F84B2729-7B52-4505-9656-1BD31B980705\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"631BB7F0-5F27-4244-8E72-428DA824C75B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server_for_raspberry_pi:12:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4605D055-EA6E-4C90-9277-AC067E1BD02D\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-updates/2017-11/msg00014.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2017-11/msg00014.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
SUSE-SU-2017:2932-1
Vulnerability from csaf_suse - Published: 2017-11-06 08:38 - Updated: 2017-11-06 08:38Summary
Security update for SuSEfirewall2
Severity
Moderate
Notes
Title of the patch: Security update for SuSEfirewall2
Description of the patch: This update for SuSEfirewall2 fixes the following issues:
- CVE-2017-15638: Fixed a security issue with too open implicit portmapper rules
(bsc#1064127): A source net restriction for _rpc_ services
was not taken into account for the implicitly added rules for port 111,
making the portmap service accessible to everyone in the affected zone.
Patchnames: SUSE-SLE-DESKTOP-12-SP2-2017-1814,SUSE-SLE-RPI-12-SP2-2017-1814,SUSE-SLE-SERVER-12-SP2-2017-1814
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for SuSEfirewall2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for SuSEfirewall2 fixes the following issues:\n\n- CVE-2017-15638: Fixed a security issue with too open implicit portmapper rules\n (bsc#1064127): A source net restriction for _rpc_ services\n was not taken into account for the implicitly added rules for port 111,\n making the portmap service accessible to everyone in the affected zone.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-SP2-2017-1814,SUSE-SLE-RPI-12-SP2-2017-1814,SUSE-SLE-SERVER-12-SP2-2017-1814",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2932-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:2932-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172932-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:2932-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-November/003373.html"
},
{
"category": "self",
"summary": "SUSE Bug 1064127",
"url": "https://bugzilla.suse.com/1064127"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-15638 page",
"url": "https://www.suse.com/security/cve/CVE-2017-15638/"
}
],
"title": "Security update for SuSEfirewall2",
"tracking": {
"current_release_date": "2017-11-06T08:38:39Z",
"generator": {
"date": "2017-11-06T08:38:39Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:2932-1",
"initial_release_date": "2017-11-06T08:38:39Z",
"revision_history": [
{
"date": "2017-11-06T08:38:39Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "SuSEfirewall2-3.6.312-2.13.1.noarch",
"product": {
"name": "SuSEfirewall2-3.6.312-2.13.1.noarch",
"product_id": "SuSEfirewall2-3.6.312-2.13.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "SuSEfirewall2-3.6.312-2.13.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:SuSEfirewall2-3.6.312-2.13.1.noarch"
},
"product_reference": "SuSEfirewall2-3.6.312-2.13.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "SuSEfirewall2-3.6.312-2.13.1.noarch as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:SuSEfirewall2-3.6.312-2.13.1.noarch"
},
"product_reference": "SuSEfirewall2-3.6.312-2.13.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "SuSEfirewall2-3.6.312-2.13.1.noarch as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:SuSEfirewall2-3.6.312-2.13.1.noarch"
},
"product_reference": "SuSEfirewall2-3.6.312-2.13.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "SuSEfirewall2-3.6.312-2.13.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:SuSEfirewall2-3.6.312-2.13.1.noarch"
},
"product_reference": "SuSEfirewall2-3.6.312-2.13.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-15638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-15638"
}
],
"notes": [
{
"category": "general",
"text": "The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for _rpc_ services.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:SuSEfirewall2-3.6.312-2.13.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:SuSEfirewall2-3.6.312-2.13.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:SuSEfirewall2-3.6.312-2.13.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:SuSEfirewall2-3.6.312-2.13.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-15638",
"url": "https://www.suse.com/security/cve/CVE-2017-15638"
},
{
"category": "external",
"summary": "SUSE Bug 1064127 for CVE-2017-15638",
"url": "https://bugzilla.suse.com/1064127"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:SuSEfirewall2-3.6.312-2.13.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:SuSEfirewall2-3.6.312-2.13.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:SuSEfirewall2-3.6.312-2.13.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:SuSEfirewall2-3.6.312-2.13.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:SuSEfirewall2-3.6.312-2.13.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:SuSEfirewall2-3.6.312-2.13.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:SuSEfirewall2-3.6.312-2.13.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:SuSEfirewall2-3.6.312-2.13.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-06T08:38:39Z",
"details": "moderate"
}
],
"title": "CVE-2017-15638"
}
]
}
SUSE-SU-2017:2923-1
Vulnerability from csaf_suse - Published: 2017-11-02 12:09 - Updated: 2017-11-02 12:09Summary
Security update for SuSEfirewall2
Severity
Moderate
Notes
Title of the patch: Security update for SuSEfirewall2
Description of the patch: This update for SuSEfirewall2 fixes the following issues:
- CVE-2017-15638: Fixed a security issue with too open implicit portmapper rules
(bsc#1064127): A source net restriction for _rpc_ services
was not taken into account for the implicitly added rules for port 111,
making the portmap service accessible to everyone in the affected zone.
Patchnames: slessp4-SuSEfirewall2-13333
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for SuSEfirewall2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for SuSEfirewall2 fixes the following issues:\n\n- CVE-2017-15638: Fixed a security issue with too open implicit portmapper rules\n (bsc#1064127): A source net restriction for _rpc_ services\n was not taken into account for the implicitly added rules for port 111,\n making the portmap service accessible to everyone in the affected zone.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slessp4-SuSEfirewall2-13333",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2923-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:2923-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172923-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:2923-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-November/003370.html"
},
{
"category": "self",
"summary": "SUSE Bug 1064127",
"url": "https://bugzilla.suse.com/1064127"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-15638 page",
"url": "https://www.suse.com/security/cve/CVE-2017-15638/"
}
],
"title": "Security update for SuSEfirewall2",
"tracking": {
"current_release_date": "2017-11-02T12:09:35Z",
"generator": {
"date": "2017-11-02T12:09:35Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:2923-1",
"initial_release_date": "2017-11-02T12:09:35Z",
"revision_history": [
{
"date": "2017-11-02T12:09:35Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "SuSEfirewall2-3.6_SVNr208-2.18.3.1.noarch",
"product": {
"name": "SuSEfirewall2-3.6_SVNr208-2.18.3.1.noarch",
"product_id": "SuSEfirewall2-3.6_SVNr208-2.18.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "SuSEfirewall2-3.6_SVNr208-2.18.3.1.noarch as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:SuSEfirewall2-3.6_SVNr208-2.18.3.1.noarch"
},
"product_reference": "SuSEfirewall2-3.6_SVNr208-2.18.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "SuSEfirewall2-3.6_SVNr208-2.18.3.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:SuSEfirewall2-3.6_SVNr208-2.18.3.1.noarch"
},
"product_reference": "SuSEfirewall2-3.6_SVNr208-2.18.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-15638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-15638"
}
],
"notes": [
{
"category": "general",
"text": "The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for _rpc_ services.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:SuSEfirewall2-3.6_SVNr208-2.18.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:SuSEfirewall2-3.6_SVNr208-2.18.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-15638",
"url": "https://www.suse.com/security/cve/CVE-2017-15638"
},
{
"category": "external",
"summary": "SUSE Bug 1064127 for CVE-2017-15638",
"url": "https://bugzilla.suse.com/1064127"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:SuSEfirewall2-3.6_SVNr208-2.18.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:SuSEfirewall2-3.6_SVNr208-2.18.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:SuSEfirewall2-3.6_SVNr208-2.18.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:SuSEfirewall2-3.6_SVNr208-2.18.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T12:09:35Z",
"details": "moderate"
}
],
"title": "CVE-2017-15638"
}
]
}
SUSE-SU-2017:2935-1
Vulnerability from csaf_suse - Published: 2017-11-06 16:19 - Updated: 2017-11-06 16:19Summary
Security update for SuSEfirewall2
Severity
Moderate
Notes
Title of the patch: Security update for SuSEfirewall2
Description of the patch: This update for SuSEfirewall2 fixes the following issues:
- CVE-2017-15638: Fixed security issue with too open implicit portmapper rules
(bsc#1064127): A source net restriction for _rpc_ services
was not taken into account for the implicitly added rules for port 111,
making the portmap service accessible to everyone in the affected zone when
the 'rpc' matching was used.
Patchnames: SUSE-SLE-DESKTOP-12-SP3-2017-1822,SUSE-SLE-SERVER-12-SP3-2017-1822
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for SuSEfirewall2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for SuSEfirewall2 fixes the following issues:\n\n- CVE-2017-15638: Fixed security issue with too open implicit portmapper rules\n (bsc#1064127): A source net restriction for _rpc_ services\n was not taken into account for the implicitly added rules for port 111,\n making the portmap service accessible to everyone in the affected zone when\n the \u0027rpc\u0027 matching was used.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-SP3-2017-1822,SUSE-SLE-SERVER-12-SP3-2017-1822",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2935-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:2935-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172935-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:2935-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-November/003375.html"
},
{
"category": "self",
"summary": "SUSE Bug 1064127",
"url": "https://bugzilla.suse.com/1064127"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-15638 page",
"url": "https://www.suse.com/security/cve/CVE-2017-15638/"
}
],
"title": "Security update for SuSEfirewall2",
"tracking": {
"current_release_date": "2017-11-06T16:19:18Z",
"generator": {
"date": "2017-11-06T16:19:18Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:2935-1",
"initial_release_date": "2017-11-06T16:19:18Z",
"revision_history": [
{
"date": "2017-11-06T16:19:18Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "SuSEfirewall2-3.6.312.333-3.10.1.noarch",
"product": {
"name": "SuSEfirewall2-3.6.312.333-3.10.1.noarch",
"product_id": "SuSEfirewall2-3.6.312.333-3.10.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "SuSEfirewall2-3.6.312.333-3.10.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:SuSEfirewall2-3.6.312.333-3.10.1.noarch"
},
"product_reference": "SuSEfirewall2-3.6.312.333-3.10.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "SuSEfirewall2-3.6.312.333-3.10.1.noarch as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:SuSEfirewall2-3.6.312.333-3.10.1.noarch"
},
"product_reference": "SuSEfirewall2-3.6.312.333-3.10.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "SuSEfirewall2-3.6.312.333-3.10.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:SuSEfirewall2-3.6.312.333-3.10.1.noarch"
},
"product_reference": "SuSEfirewall2-3.6.312.333-3.10.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-15638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-15638"
}
],
"notes": [
{
"category": "general",
"text": "The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for _rpc_ services.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:SuSEfirewall2-3.6.312.333-3.10.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:SuSEfirewall2-3.6.312.333-3.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:SuSEfirewall2-3.6.312.333-3.10.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-15638",
"url": "https://www.suse.com/security/cve/CVE-2017-15638"
},
{
"category": "external",
"summary": "SUSE Bug 1064127 for CVE-2017-15638",
"url": "https://bugzilla.suse.com/1064127"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:SuSEfirewall2-3.6.312.333-3.10.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:SuSEfirewall2-3.6.312.333-3.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:SuSEfirewall2-3.6.312.333-3.10.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:SuSEfirewall2-3.6.312.333-3.10.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:SuSEfirewall2-3.6.312.333-3.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:SuSEfirewall2-3.6.312.333-3.10.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-06T16:19:18Z",
"details": "moderate"
}
],
"title": "CVE-2017-15638"
}
]
}
GSD-2017-15638
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for _rpc_ services.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-15638",
"description": "The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for _rpc_ services.",
"id": "GSD-2017-15638",
"references": [
"https://www.suse.com/security/cve/CVE-2017-15638.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-15638"
],
"details": "The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for _rpc_ services.",
"id": "GSD-2017-15638",
"modified": "2023-12-13T01:20:58.465444Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15638",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for _rpc_ services."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2017:2940",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2017-11/msg00014.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:suse:susefirewall2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server_for_raspberry_pi:12:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15638"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for _rpc_ services."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2017:2940",
"refsource": "SUSE",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2017-11/msg00014.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
},
"lastModifiedDate": "2019-10-03T00:03Z",
"publishedDate": "2017-11-10T02:29Z"
}
}
}
GHSA-V93V-G9VQ-9V7P
Vulnerability from github – Published: 2022-05-13 01:44 – Updated: 2022-05-13 01:44
VLAI?
Details
The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for rpc services.
Severity ?
6.5 (Medium)
{
"affected": [],
"aliases": [
"CVE-2017-15638"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-11-10T02:29:00Z",
"severity": "MODERATE"
},
"details": "The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for _rpc_ services.",
"id": "GHSA-v93v-g9vq-9v7p",
"modified": "2022-05-13T01:44:00Z",
"published": "2022-05-13T01:44:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15638"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2017-11/msg00014.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"type": "CVSS_V3"
}
]
}
VAR-201711-0484
Vulnerability from variot - Updated: 2025-04-20 23:39The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for rpc services. SuSEfirewall2 The package contains vulnerabilities related to authorization, permissions, and access control.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. SUSE Linux Enterprise (SLE) Desktop, etc. are all products of SUSE Corporation in the United States. SUSE Linux Enterprise (SLE) Desktop is an enterprise-level Linux desktop version system. SLE Server is a server version of Linux system. SuSEfirewall2 package is one of the packages with network data filtering function. There are security vulnerabilities in the SuSEfirewall2 package in many SUSE products. A remote attacker can exploit this vulnerability to bypass the access restrictions of the port forwarding service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-0484",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "susefirewall2",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": null
},
{
"model": "susefirewall2",
"scope": "lt",
"trust": 0.8,
"vendor": "suse",
"version": "3.6.312-2.13.1"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010288"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-893"
},
{
"db": "NVD",
"id": "CVE-2017-15638"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:suse:susefirewall2",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010288"
}
]
},
"cve": "CVE-2017-15638",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-15638",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-106480",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2017-15638",
"impactScore": 2.5,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-15638",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-15638",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201710-893",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-106480",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-15638",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-106480"
},
{
"db": "VULMON",
"id": "CVE-2017-15638"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010288"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-893"
},
{
"db": "NVD",
"id": "CVE-2017-15638"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for _rpc_ services. SuSEfirewall2 The package contains vulnerabilities related to authorization, permissions, and access control.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. SUSE Linux Enterprise (SLE) Desktop, etc. are all products of SUSE Corporation in the United States. SUSE Linux Enterprise (SLE) Desktop is an enterprise-level Linux desktop version system. SLE Server is a server version of Linux system. SuSEfirewall2 package is one of the packages with network data filtering function. There are security vulnerabilities in the SuSEfirewall2 package in many SUSE products. A remote attacker can exploit this vulnerability to bypass the access restrictions of the port forwarding service",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-15638"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010288"
},
{
"db": "VULHUB",
"id": "VHN-106480"
},
{
"db": "VULMON",
"id": "CVE-2017-15638"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-15638",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010288",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201710-893",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-106480",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-15638",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-106480"
},
{
"db": "VULMON",
"id": "CVE-2017-15638"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010288"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-893"
},
{
"db": "NVD",
"id": "CVE-2017-15638"
}
]
},
"id": "VAR-201711-0484",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-106480"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-20T23:39:59.798000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "openSUSE-SU-2017:2940",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-updates/2017-11/msg00014.html"
},
{
"title": "Multiple SUSE product SuSEfirewall2 Repair measures for package security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=100118"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010288"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-893"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-106480"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010288"
},
{
"db": "NVD",
"id": "CVE-2017-15638"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-updates/2017-11/msg00014.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-15638"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15638"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/vulnerabilities/suse-cve-2017-15638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-106480"
},
{
"db": "VULMON",
"id": "CVE-2017-15638"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010288"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-893"
},
{
"db": "NVD",
"id": "CVE-2017-15638"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-106480"
},
{
"db": "VULMON",
"id": "CVE-2017-15638"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010288"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-893"
},
{
"db": "NVD",
"id": "CVE-2017-15638"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-10T00:00:00",
"db": "VULHUB",
"id": "VHN-106480"
},
{
"date": "2017-11-10T00:00:00",
"db": "VULMON",
"id": "CVE-2017-15638"
},
{
"date": "2017-12-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010288"
},
{
"date": "2017-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-893"
},
{
"date": "2017-11-10T02:29:18.543000",
"db": "NVD",
"id": "CVE-2017-15638"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-106480"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2017-15638"
},
{
"date": "2017-12-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010288"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-893"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-15638"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-893"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SuSEfirewall2 Vulnerabilities related to authorization, permissions, and access control in packages",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010288"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-893"
}
],
"trust": 0.6
}
}
CNVD-2017-37619
Vulnerability from cnvd - Published: 2017-12-20
VLAI Severity ?
Title
多款SUSE产品SuSEfirewall2包安全绕过漏洞
Description
SUSE Linux Enterprise(SLE)Desktop等都是美国SUSE公司的产品。SUSE Linux Enterprise(SLE)Desktop是一套企业级Linux桌面版系统。SLE Server是一套服务器版Linux系统。SuSEfirewall2 package是其中的一个具有网络数据过滤功能的包。
多款SUSE产品中的SuSEfirewall2包存在安全漏洞。远程攻击者可利用该漏洞绕过端口映射服务的访问限制。
Severity
中
Patch Name
多款SUSE产品SuSEfirewall2包安全绕过漏洞的补丁
Patch Description
SUSE Linux Enterprise(SLE)Desktop等都是美国SUSE公司的产品。SUSE Linux Enterprise(SLE)Desktop是一套企业级Linux桌面版系统。SLE Server是一套服务器版Linux系统。SuSEfirewall2 package是其中的一个具有网络数据过滤功能的包。
多款SUSE产品中的SuSEfirewall2包存在安全漏洞。远程攻击者可利用该漏洞绕过端口映射服务的访问限制。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://lists.opensuse.org/opensuse-updates/2017-11/msg00014.html
Reference
http://lists.opensuse.org/opensuse-updates/2017-11/msg00014.html
Impacted products
| Name | ['SuSE Linux Enterprise (SLE) Desktop 12 SP2 <SuSEfirewall2包3.6.312-2.13.1', 'SuSE SLE Server 12 SP2 <SuSEfirewall2包3.6.312-2.13.1', 'SuSE SLE Server for Raspberry Pi 12 SP2 <SuSEfirewall2包3.6.312-2.13.1', 'SuSE SLE Desktop 12 SP3 <SuSEfirewall2包3.6.312.333-3.10.1', 'SuSE SLE Server 11 SP4 <SuSEfirewall2包3.6_SVNr208-2.18.3.1', 'SuSE openSUSE Leap 42.2 <SuSEfirewall2包3.6.312-5.9.1', 'SuSE openSUSE Leap 42.3 <SuSEfirewall2包3.6.312.333-7.1'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2017-15638",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15638"
}
},
"description": "SUSE Linux Enterprise\uff08SLE\uff09Desktop\u7b49\u90fd\u662f\u7f8e\u56fdSUSE\u516c\u53f8\u7684\u4ea7\u54c1\u3002SUSE Linux Enterprise\uff08SLE\uff09Desktop\u662f\u4e00\u5957\u4f01\u4e1a\u7ea7Linux\u684c\u9762\u7248\u7cfb\u7edf\u3002SLE Server\u662f\u4e00\u5957\u670d\u52a1\u5668\u7248Linux\u7cfb\u7edf\u3002SuSEfirewall2 package\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u5177\u6709\u7f51\u7edc\u6570\u636e\u8fc7\u6ee4\u529f\u80fd\u7684\u5305\u3002\r\n\r\n\u591a\u6b3eSUSE\u4ea7\u54c1\u4e2d\u7684SuSEfirewall2\u5305\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u7aef\u53e3\u6620\u5c04\u670d\u52a1\u7684\u8bbf\u95ee\u9650\u5236\u3002",
"discovererName": "unknow",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://lists.opensuse.org/opensuse-updates/2017-11/msg00014.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-37619",
"openTime": "2017-12-20",
"patchDescription": "SUSE Linux Enterprise\uff08SLE\uff09Desktop\u7b49\u90fd\u662f\u7f8e\u56fdSUSE\u516c\u53f8\u7684\u4ea7\u54c1\u3002SUSE Linux Enterprise\uff08SLE\uff09Desktop\u662f\u4e00\u5957\u4f01\u4e1a\u7ea7Linux\u684c\u9762\u7248\u7cfb\u7edf\u3002SLE Server\u662f\u4e00\u5957\u670d\u52a1\u5668\u7248Linux\u7cfb\u7edf\u3002SuSEfirewall2 package\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u5177\u6709\u7f51\u7edc\u6570\u636e\u8fc7\u6ee4\u529f\u80fd\u7684\u5305\u3002\r\n\r\n\u591a\u6b3eSUSE\u4ea7\u54c1\u4e2d\u7684SuSEfirewall2\u5305\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u7aef\u53e3\u6620\u5c04\u670d\u52a1\u7684\u8bbf\u95ee\u9650\u5236\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "\u591a\u6b3eSUSE\u4ea7\u54c1SuSEfirewall2\u5305\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"SuSE Linux Enterprise (SLE) Desktop 12 SP2 \u003cSuSEfirewall2\u53053.6.312-2.13.1",
"SuSE SLE Server 12 SP2 \u003cSuSEfirewall2\u53053.6.312-2.13.1",
"SuSE SLE Server for Raspberry Pi 12 SP2 \u003cSuSEfirewall2\u53053.6.312-2.13.1",
"SuSE SLE Desktop 12 SP3 \u003cSuSEfirewall2\u53053.6.312.333-3.10.1",
"SuSE SLE Server 11 SP4 \u003cSuSEfirewall2\u53053.6_SVNr208-2.18.3.1",
"SuSE openSUSE Leap 42.2 \u003cSuSEfirewall2\u53053.6.312-5.9.1",
"SuSE openSUSE Leap 42.3 \u003cSuSEfirewall2\u53053.6.312.333-7.1"
]
},
"referenceLink": "http://lists.opensuse.org/opensuse-updates/2017-11/msg00014.html",
"serverity": "\u4e2d",
"submitTime": "2017-11-20",
"title": "\u591a\u6b3eSUSE\u4ea7\u54c1SuSEfirewall2\u5305\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e"
}
FKIE_CVE-2017-15638
Vulnerability from fkie_nvd - Published: 2017-11-10 02:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for _rpc_ services.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| suse | susefirewall2 | - | |
| opensuse | leap | 42.2 | |
| opensuse | leap | 42.3 | |
| suse | linux_enterprise_desktop | 12 | |
| suse | linux_enterprise_desktop | 12 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_server_for_raspberry_pi | 12 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:susefirewall2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A285BB5-22CD-460E-88AE-A0B068DC38C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"matchCriteriaId": "57CFAD92-EECD-417D-ADDB-8178C320B204",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C1DCD75C-9775-4922-8A44-C4707C640946",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:*:*:*:*",
"matchCriteriaId": "F84B2729-7B52-4505-9656-1BD31B980705",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:*:*:*:*",
"matchCriteriaId": "631BB7F0-5F27-4244-8E72-428DA824C75B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server_for_raspberry_pi:12:sp2:*:*:*:*:*:*",
"matchCriteriaId": "4605D055-EA6E-4C90-9277-AC067E1BD02D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for _rpc_ services."
},
{
"lang": "es",
"value": "El paquete SuSEfirewall2 en versiones anteriores a la 3.6.312-2.13.1 en SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2 y Server para Raspberry Pi 12 SP2; en versiones anteriores a la 3.6.312.333-3.10.1 en SLE Desktop 12 SP3 y Server 12 SP3; en versiones anteriores a la 3.6_SVNr208-2.18.3.1 en SLE Server 11 SP4; en versiones anteriores a la 3.6.312-5.9.1 en openSUSE Leap 42.2 y en versiones anteriores a la 3.6.312.333-7.1 en openSUSE Leap 42.3 podr\u00eda permitir que atacantes remotos omitan las restricciones de acceso planeadas en el servicio portmap aprovechando la ausencia de una restricci\u00f3n de red de origen para servicios _rpc_."
}
],
"id": "CVE-2017-15638",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-11-10T02:29:18.543",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2017-11/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2017-11/msg00014.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…