Vulnerability in Suse Webyast
CVE-2012-0435
SUSE WebYaST before 1.2 0.2.63-0.6.1 allows remote attackers to modify the hosts list, and subsequently conduct man-in-the-middle attacks, via a crafted /host request on TCP port 4984.
EPSS: 0.007 (72.2th percentile) — read the EPSS interpretation.
Affected products
- Suse Webyast — versions 1.2
- N/a — versions n/a
References
- VU#806908 (x_refsource_CERT-VN, US Government Resource, third-party-advisory)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (x_refsource_CONFIRM)
- SUSE-SU-2013:0053 (vendor-advisory, x_refsource_SUSE)