Vulnerabilities > CVE-2005-4772 - Unspecified vulnerability in Suse products

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

suse

NVD

Published: 2005-12-31

Updated: 2024-11-21

Summary

liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013.

Vulnerable Configurations

Part	Description	Count
Application	Suse Suse Suse Sled Beagle 10.0 Suse Suse Linux Standard Server 8.0 Suse Suse Linux Openexchange Server 4.0 Suse Suse Linux School Server Gold	4
OS	Suse Suse Suse Linux 9.0 Suse Suse Linux 8.0 Suse Suse Linux 9.1 Suse Suse Linux 10.0 Suse Suse Linux 9.3 Suse Suse Linux 8 Suse Suse Linux 1.0 Suse Suse Linux 9.2 Suse Suse Linux 8.2	21

References

http://www.novell.com/linux/security/advisories/2005_22_sr.html
http://www.novell.com/linux/security/advisories/2005_22_sr.html
http://www.securityfocus.com/bid/15026
http://www.securityfocus.com/bid/15026