Upstream information

CVE-2011-0468 at MITRE

Description

The aaa_base package before 11.3-8.9.1 in SUSE openSUSE 11.3, and before 11.4-54.62.1 in openSUSE 11.4, allows local users to gain privileges via shell metacharacters in a filename, related to tab expansion.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 6.9
Vector AV:L/AC:M/Au:N/C:C/I:C/A:C
Access Vector Local
Access Complexity Medium
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete
SUSE Bugzilla entry: 678827 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 11.3
  • aaa_base-debuginfo >= 11.3-8.9.1
  • aaa_base-debugsource >= 11.3-8.9.1
openSUSE 11.3
  • aaa_base >= 11.3-8.9.1
openSUSE 11.4
  • aaa_base >= 11.4-54.62.1
  • aaa_base-extras >= 11.4-54.62.1
openSUSE 11.4
  • aaa_base >= 11.4-54.62.1
  • aaa_base-debuginfo >= 11.4-54.62.1
  • aaa_base-debugsource >= 11.4-54.62.1
  • aaa_base-extras >= 11.4-54.62.1
Patchnames:
aaa_base