Novell Home

CVE-2014-0595

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2014-0595 at MITRE

Description

/opt/novell/ncl/bin/nwrights in Novell Client for Linux in Novell Open Enterprise Server (OES) 11 Linux SP2 does not properly manage a certain array, which allows local users to obtain the S permission in opportunistic circumstances by leveraging the granting of the F permission by an administrator.

NVD CVSS v2 Base Score: 2.6 (AV:L/AC:H/Au:N/C:P/I:P/A:N)

Novell/SUSE information

Novell Bugzilla entry: 872796

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 11 SP3
  • novell-qtgui >= 3.0.0-0.20.1
  • novell-qtgui-cli >= 3.0.0-0.20.1
  • novell-ui-base >= 3.0.0-0.10.1
Builds
SAT Patch Nr: 9276

© 2014 Novell