Upstream information

CVE-2008-2388 at MITRE

Description

Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack vectors. NOTE: the vendor states that these "can be considered no security problem."

SUSE information

Overall state of this security issue: Ignore

This issue is currently rated as having critical severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 10
Vector AV:N/AC:L/Au:N/C:C/I:C/A:C
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete
SUSE Bugzilla entry: 386689 [RESOLVED / FIXED]

SUSE Security Advisories: