Bugtraq mailing list archives

SuSE Linux K-Menu YAST Control Center Priviledge Escalation Vulnerability

From: Jordan Pilat <cacophony () syncreate org>
Date: 6 Aug 2004 02:45:45 -0000



A vulnerability exists in the implementation of 
placing the SuSE YAST Control Center in the K Menu.  
Normally, one would be required to authenticate as 
root before being granted access to the YAST Control 
Center.  When placing the 'preferences' submenu in 
the K Menu (in the 'submenu' section under the 
'Menus' tab of the K menu panel preferences), 
however, one can not only access, but make changes to 
the options in the YAST control center without having 
to authenticate as root.

Current thread:

SuSE Linux K-Menu YAST Control Center Priviledge Escalation Vulnerability Jordan Pilat (Aug 06)
- Re: SuSE Linux K-Menu YAST Control Center Priviledge Escalation Vulnerability Stefan Seifert (Aug 07)
- Re: SuSE Linux K-Menu YAST Control Center Priviledge Escalation Vulnerability Radoslav Dejanović (Aug 09)
  - Re: SuSE Linux K-Menu YAST Control Center Priviledge Escalation Vulnerability Matthias Leisi (Aug 09)