Title: SuSE Linux SuSEHelp CGI Insecure Temporary File Vulnerability
Severity: HIGH
Description:
SuSE Linux is a freely available, open source clone of the Unix Operating System, distributed by SuSE.
A problem with the software could make it possible for remote users to execute arbitrary commands. This could result in unauthorized access.
susehelp is part of the SuSE user documentation and help features available with SuSE Linux. It is designed to make getting answers to common questions about SuSE Linux easier.
A remote user may create a custom request that takes advantage of insecure temporary file permissions in the susehelp system. This could lead to the remote user gaining local access to the system, and result in further compromise of the system.
Affected Products:
- S.u.S.E. Linux 7.2.0
- S.u.S.E. Linux 7.3.0
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
