PT-2004-2793 · Suse · Yast Online Update+1

Published

2004-12-31

Updated

2017-07-11

CVE-2004-1895

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions SuSE versions 8.2 and 9.0

Description The issue allows local users to overwrite arbitrary files via a symlink attack on the you-$USER/cookies directory.

Recommendations For SuSE version 8.2, update the YaST Online Update (YOU) package to prevent symlink attacks. For SuSE version 9.0, update the YaST Online Update (YOU) package to prevent symlink attacks.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-1895

Affected Products

Suse

Yast Online Update

PT-2004-2793 · Suse · Yast Online Update+1

CVE-2004-1895

Related Identifiers

Affected Products

References · 8