Vulnerability in Novell Opensuse_factory

CVE-2011-1551

SUSE openSUSE Factory assigns ownership of the /var/log/cobbler/ directory tree to the web-service user account, which might allow local users to gain privileges by leveraging access to this account during root filesystem operations by the…

EPSS: 0.000 (11.0th percentile) — read the EPSS interpretation.

Affected products

Novell Opensuse_factory
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

[oss-security] 20110323 Re: CVE Request -- logrotate -- nine issues (mailing-list, x_refsource_MLIST)
opensuse-cobbler-priv-escalation(66487) (vdb-entry, x_refsource_XF)