2 matches found
CVE-2007-2654
CVE-2007-2654 concerns the xfsdump tool: the xfs_fsr component creates a .fsr temporary directory with insecure permissions, enabling local users to read or overwrite arbitrary files on xfs filesystems. This is confirmed by multiple connected sources (Mandriva/MDKSA-2007:134, SUSE SUSEVE- CVE map...
CVE-2005-4772
The CVE-2005-4772 entry concerns liby2util in YaST on SUSE Linux prior to 20051007. The description states that liby2util preserves permissions and ownerships when copying a remote repository, which could allow local users to read or modify sensitive files. The connected SUSE CVE-2005-4772 page c...