PT-2005-5453 · Suse+3 · Suse Linux+3

Lubomir Kundrak

Published

2005-12-31

Updated

2018-10-30

CVE-2005-4790

CVSS v2.0

6.9

Medium

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions SUSE Linux versions 9.3 and 10.0

Description The issue is caused by multiple untrusted search path vulnerabilities that add the working directory to LD LIBRARY PATH. This might allow local users to execute arbitrary code via certain applications. The affected applications include beagle, tomboy, and blam.

Recommendations For SUSE Linux versions 9.3 and 10.0, consider restricting access to the affected applications beagle, tomboy, and blam until a fix is available. As a temporary workaround, avoid using the LD LIBRARY PATH variable in sensitive operations to minimize the risk of exploitation. Restrict the working directory permissions to prevent unauthorized access.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-4790

Affected Products

Suse Linux

Beagle

Blam

Tomboy

PT-2005-5453 · Suse+3 · Suse Linux+3

CVE-2005-4790

Related Identifiers

Affected Products

References · 23