CVE-2008-2234

Name of the Vulnerable Software and Affected Versions Openwsman versions 1.2.0 through 2.0.0 libwsman1 (affected versions not specified) openwsman-devel (affected versions not specified) openwsman-server (affected versions not specified) openwsman-client (affected versions not specified) libwsman-devel (affected versions not specified) openwsman (affected versions not specified) openwsman-debugsource (affected versions not specified) openwsman-ruby (affected versions not specified) openwsman-python (affected versions not specified) openwsman-debuginfo (affected versions not specified)

Description The issue involves multiple vulnerabilities in the Openwsman package of the openSUSE operating system, which can lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. Specifically, multiple buffer overflows in Openwsman 1.2.0 and 2.0.0 allow remote attackers to execute arbitrary code via a crafted "Authorization: Basic" HTTP header.

Recommendations For Openwsman versions 1.2.0 through 2.0.0, update to a version that is not affected by the buffer overflow vulnerability. For libwsman1, openwsman-devel, openwsman-server, openwsman-client, libwsman-devel, openwsman, openwsman-debugsource, openwsman-ruby, openwsman-python, and openwsman-debuginfo, at the moment, there is no information about a newer version that contains a fix for this vulnerability.