Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1551

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2011-1551
Last Modified 06 Sep 2011 11:16:10
Published 30 Mar 2011 06:55:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1551

Summary

SUSE openSUSE Factory assigns ownership of the /var/log/cobbler/ directory tree to the web-service user account, which might allow local users to gain privileges by leveraging access to this account during root filesystem operations by the Cobbler daemon.

Vulnerable Systems

Operating System

  • Novell Opensuse Factory


References

XF - opensuse-cobbler-priv-escalation(66487)

MLIST - [oss-security] 20110323 Re: CVE Request -- logrotate -- nine issues


Last Updated: 27 May 2016 10:56:22