6.3 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:C/A:C
6.4 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and before 11.3-8.7.1 in openSUSE 11.3, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/mtab.
CPE | Name | Operator | Version |
---|---|---|---|
opensuse:opensuse | opensuse | eq | 11.2 |
opensuse:opensuse | opensuse | eq | 11.3 |