CVE-2009-1648
SUSE Linux Enterprise Server 11 - Unprotected Network Service Exposure via YaST2 LDAP Module Firewall Misconfiguration
Title source: llmDescription
The YaST2 LDAP module in yast2-ldap-server on SUSE Linux Enterprise Server 11 (aka SLE11) does not enable the firewall in certain circumstances involving reboots during online updates, which makes it easier for remote attackers to access network services.
References (2)
Core 2
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/35685
Vendor Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
Scores
EPSS
0.0046
EPSS Percentile
64.3%
Details
CWE
CWE-16
Status
published
Products (1)
suse/suse_linux
11 (2 CPE variants)
Published
Jul 05, 2009
Tracked Since
Feb 18, 2026