PT-2013-1492 · Suse · Suse Zypper+1

Published

2012-07-18

Updated

2013-12-03

CVE-2012-0420

CVSS v2.0

4.4

Medium

Vector

AV:L/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions SUSE Zypper versions prior to 1.3.20 SUSE Zypper versions 1.6.x prior to 1.6.166

Description The issue allows local users to create files in arbitrary directories, or possibly have unspecified other impact, via a pathname in the ZYPP LOCKFILE ROOT environment variable.

Recommendations For SUSE Zypper versions prior to 1.3.20, update to version 1.3.20 or later. For SUSE Zypper versions 1.6.x prior to 1.6.166, update to version 1.6.166 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2012-0420

SUSE-SU-2012_0889-1

Affected Products

Suse Zypper

Suse

PT-2013-1492 · Suse · Suse Zypper+1

CVE-2012-0420

Related Identifiers

Affected Products

References · 10