Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4636

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2008-4636
Last Modified 03 Dec 2008 01:45:12
Published 26 Nov 2008 07:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-4636

Summary

yast2-backup 2.14.2 through 2.16.6 on SUSE Linux and Novell Linux allows local users to gain privileges via shell metacharacters in filenames used by the backup process.

Vulnerable Systems

Operating System

  • Suse Yast2-backup 2.14.2

  • Suse Yast2-backup 2.16.6


References

BID - 32464

SECUNIA - 32832

SUSE - SUSE-SA:2008:054

XF - yast2backup-backup-command-execution(46879)

OSVDB - 50284

Related Patches

Novell SUSE 2008:5739 yast2-backup security update for SLE 10 SP1 i586


Last Updated: 27 May 2016 10:48:34