CVE-2005-4772

liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013.

Published: Dec 31, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-4772
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
suse / suse_sled_beagle	10.0	10.0.x
suse / suse_linux_standard_server	8.0	8.0.x
suse / suse_linux_openexchange_server	4.0	4.0.x
suse / suse_linux_school_server	gold	gold.x
suse / suse_linux	9.0	9.0.x
suse / suse_linux	8.0	8.0.x
suse / suse_linux	9.1	9.1.x
suse / suse_linux	10.0	10.0.x
suse / suse_linux	9.3	9.3.x
suse / suse_linux	8	8.x
suse / suse_linux	1.0	1.0.x
suse / suse_linux	9.2	9.2.x
suse / suse_linux	8.2	8.2.x

http://www.novell.com/linux/security/advisories/2005_22_sr.html
http://www.securityfocus.com/bid/15026

Vulnerability Database

289,599

CVE-2005-4772