CVE-2011-4190

The kdump implementation is missing the host key verification in the kdump and mkdumprd OpenSSH integration of kdump prior to version 2012-01-20. This is similar to CVE-2011-3588, but different in that the kdump implementation is specific to SUSE. A remote malicious kdump server could use this flaw to impersonate the correct kdump server to obtain security sensitive information (kdump core files).
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:o:suse:suse_linux_enterprise_server:11.0:sp1:*:*:ltss:*:*:*
cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1:*:*:*:sap_aio:*:*

Information

Published : 2018-06-08 10:29

Updated : 2019-10-09 16:03


NVD link : CVE-2011-4190

Mitre link : CVE-2011-4190


JSON object : View

CWE
CWE-310

Cryptographic Issues

Advertisement

dedicated server usa

Products Affected

suse

  • suse_linux_enterprise_desktop
  • suse_linux_enterprise_server