Vulnerabilites related to suse - suse_sled_beagle
CVE-2005-4772 (GCVE-0-2005-4772)
Vulnerability from cvelistv5
Published
2006-04-07 10:00
Modified
2024-08-08 00:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:01:22.185Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SR:2005:022", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2005_22_sr.html" }, { "name": "15026", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/15026" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-10-07T00:00:00", "descriptions": [ { "lang": "en", "value": "liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2006-04-28T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "SUSE-SR:2005:022", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2005_22_sr.html" }, { "name": "15026", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/15026" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-4772", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SR:2005:022", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2005_22_sr.html" }, { "name": "15026", "refsource": "BID", "url": "http://www.securityfocus.com/bid/15026" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-4772", "datePublished": "2006-04-07T10:00:00", "dateReserved": "2006-04-07T00:00:00", "dateUpdated": "2024-08-08T00:01:22.185Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-4778 (GCVE-0-2005-4778)
Vulnerability from cvelistv5
Published
2006-04-13 10:00
Modified
2024-09-17 02:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The powersave daemon in SUSE Linux 10.0 before 20051007 has an unspecified "configuration problem," which allows local users to suspend the computer and possibly perform certain other unauthorized actions.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:01:22.486Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SR:2005:022", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2005-Oct/0002.html" }, { "name": "15042", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/15042" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The powersave daemon in SUSE Linux 10.0 before 20051007 has an unspecified \"configuration problem,\" which allows local users to suspend the computer and possibly perform certain other unauthorized actions." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2006-04-13T10:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "SUSE-SR:2005:022", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2005-Oct/0002.html" }, { "name": "15042", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/15042" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-4778", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The powersave daemon in SUSE Linux 10.0 before 20051007 has an unspecified \"configuration problem,\" which allows local users to suspend the computer and possibly perform certain other unauthorized actions." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SR:2005:022", "refsource": "SUSE", "url": "http://lists.suse.com/archive/suse-security-announce/2005-Oct/0002.html" }, { "name": "15042", "refsource": "BID", "url": "http://www.securityfocus.com/bid/15042" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-4778", "datePublished": "2006-04-13T10:00:00Z", "dateReserved": "2006-04-13T00:00:00Z", "dateUpdated": "2024-09-17T02:15:54.374Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
suse | suse_linux_openexchange_server | 4.0 | |
suse | suse_linux_school_server | gold | |
suse | suse_linux_standard_server | 8.0 | |
suse | suse_sled_beagle | 10.0 | |
suse | suse_linux | 1.0 | |
suse | suse_linux | 8 | |
suse | suse_linux | 8.0 | |
suse | suse_linux | 8.2 | |
suse | suse_linux | 8.2 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.1 | |
suse | suse_linux | 9.1 | |
suse | suse_linux | 9.1 | |
suse | suse_linux | 9.2 | |
suse | suse_linux | 9.2 | |
suse | suse_linux | 9.2 | |
suse | suse_linux | 9.3 | |
suse | suse_linux | 9.3 | |
suse | suse_linux | 9.3 | |
suse | suse_linux | 10.0 | |
suse | suse_linux | 10.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:suse:suse_linux_openexchange_server:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "042AF078-032E-4058-9BB1-362A0AADDD92", "vulnerable": true }, { "criteria": "cpe:2.3:a:suse:suse_linux_school_server:gold:*:*:*:*:*:*:*", "matchCriteriaId": "F8AAAE19-5591-4587-A207-1FCF19AE94E6", "vulnerable": true }, { "criteria": "cpe:2.3:a:suse:suse_linux_standard_server:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "14B5A54A-07E9-4F28-8D2E-76B41C8F7965", "vulnerable": true }, { "criteria": "cpe:2.3:a:suse:suse_sled_beagle:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "C827506E-89D8-438B-AB60-980D994E770B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*", "matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:retail_solution:*:*:*:*:*", "matchCriteriaId": "9E4D356D-E894-4957-AD61-DA1145CC51FF", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:personal:*:*:*:*:*", "matchCriteriaId": "D4940BE0-08CA-4B6C-ACA2-EE6EECE3E4B8", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:professional:*:*:*:*:*", "matchCriteriaId": "4DA74FD7-3A1F-4D16-8396-2F12A34D1749", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*", "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*", "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*", "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*", "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*", "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*", "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*", "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*", "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*", "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*", "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*", "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*", "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013." } ], "id": "CVE-2005-4772", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-12-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.novell.com/linux/security/advisories/2005_22_sr.html" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/15026" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.novell.com/linux/security/advisories/2005_22_sr.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/15026" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The powersave daemon in SUSE Linux 10.0 before 20051007 has an unspecified "configuration problem," which allows local users to suspend the computer and possibly perform certain other unauthorized actions.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
suse | suse_sled_beagle | 10.0 | |
suse | suse_linux | 10.0 | |
suse | suse_linux | 10.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:suse:suse_sled_beagle:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "C827506E-89D8-438B-AB60-980D994E770B", "vulnerable": false } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*", "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D", "vulnerable": false }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*", "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64", "vulnerable": false } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The powersave daemon in SUSE Linux 10.0 before 20051007 has an unspecified \"configuration problem,\" which allows local users to suspend the computer and possibly perform certain other unauthorized actions." } ], "evaluatorSolution": "This vulnerablility is addressed in the following product release:\r\nSUSE, Linux, 10.0 2005-10-07", "id": "CVE-2005-4778", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-12-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://lists.suse.com/archive/suse-security-announce/2005-Oct/0002.html" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/15042" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://lists.suse.com/archive/suse-security-announce/2005-Oct/0002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/15042" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }