mailing list archives
SuSE Linux K-Menu YAST Control Center Priviledge Escalation Vulnerability
From: Jordan Pilat <cacophony () syncreate org>
Date: 6 Aug 2004 02:45:45 -0000
A vulnerability exists in the implementation of
placing the SuSE YAST Control Center in the K Menu.
Normally, one would be required to authenticate as
root before being granted access to the YAST Control
Center. When placing the 'preferences' submenu in
the K Menu (in the 'submenu' section under the
'Menus' tab of the K menu panel preferences),
however, one can not only access, but make changes to
the options in the YAST control center without having
to authenticate as root.
- SuSE Linux K-Menu YAST Control Center Priviledge Escalation Vulnerability Jordan Pilat (Aug 06)