Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4772

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2005-4772
Last Modified 05 Sep 2008 04:57:47
Published 31 Dec 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4772

Summary

liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013.

Vulnerable Systems

Operating System

  • Suse Linux 1.0

  • Suse Linux 10.0

  • Suse Linux 8

  • Suse Linux 8.0

  • Suse Linux 8.2

  • Suse Linux 9.0

  • Suse Linux 9.1

  • Suse Linux 9.2

  • Suse Linux 9.3

Application

  • Suse Linux Openexchange Server 4.0

  • Suse Linux School Server Gold

  • Suse Linux Standard Server 8.0

  • Suse Sled Beagle 10.0


References

BID - 15026

SUSE - SUSE-SR:2005:022


Last Updated: 27 May 2016 10:41:26