Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4432

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2007-4432
Last Modified 15 Nov 2008 01:57:00
Published 20 Aug 2007 03:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2007-4432

Summary

Untrusted search path vulnerability in the wrapper scripts for the (1) rug, (2) zen-updater, (3) zen-installer, and (4) zen-remover programs on SUSE Linux 10.1 and Enterprise 10 allows local users to gain privileges via modified (a) LD_LIBRARY_PATH and (b) MONO_GAC_PREFIX environment variables.

Vulnerable Systems

Operating System

  • Suse Linux 10

  • Suse Linux 10.1


References

SUSE - SUSE-SR:2007:017

OSVDB - 46784

OSVDB - 46783

OSVDB - 46782

OSVDB - 46781

SECUNIA - 26543


Last Updated: 27 May 2016 10:45:52