SUSE WebYaST prior to 1.2 0.2.63-0.6.1 allows remote malicious users to modify the hosts list, and subsequently conduct man-in-the-middle attacks, via a crafted /host request on TCP port 4984.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
suse webyast 1.2 |