2 matches found
openSUSE Security Update : cobbler (openSUSE-SU-2011:0277-1)
/var/log/cobbler/ directory was owned by the web service user. Access to this account could potentially be abused to corrupt files during root filesystem operations by the Cobbler daemon CVE-2011-1551. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...
CVE-2011-1551
The CVE-2011-1551 issue affects openSUSE/SUSE Cobbler: the /var/log/cobbler/ directory is owned by the web-service user, which may allow local users to escalate privileges when Cobbler performs root filesystem operations. The connected documents confirm this local-privilege-elevation risk without...