DescriptionSUSE Lifecycle Management Server (SLMS) before 1.3.7 does not generate a new secret key when the service starts, which allows remote attackers to defeat intended cryptographic protection mechanisms by leveraging knowledge of this key from a product installation elsewhere.
Overall state of this security issue: Resolved
This issue is currently rated as having critical severity.
|National Vulnerability Database|
- SUSE-SU-2013:1813-1, published Tue Dec 3 17:04:27 MST 2013
List of released packages
|Product(s)||Fixed package version(s)||References|
|SUSE Lifecycle Management Server 1.3|| ||Patchnames:
|SUSE Lifecycle Management Server 1.3|| ||
SAT Patch Nr: 8586