CVE-2003-0847

SuSE Linux 8.2Pro - Local Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0847. PoCs published by Nash Leon.

AI-analyzed exploit summary This exploit leverages a symbolic link vulnerability in SuSEConfig.vmware to overwrite arbitrary files as root. It creates multiple symbolic links in /tmp and triggers the vulnerability by running YaST2, which executes SuSEconfig.vmware with elevated privileges.

Description

SuSEconfig.susewm in the susewm package on SuSE Linux 8.2Pro allows local users to overwrite arbitrary files via a symlink attack on the susewm.$$ temporary file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Nash Leon · clocallinux

https://www.exploit-db.com/exploits/23223

View Code ZIP pw:eip

This exploit leverages a symbolic link vulnerability in SuSEConfig.vmware to overwrite arbitrary files as root. It creates multiple symbolic links in /tmp and triggers the vulnerability by running YaST2, which executes SuSEconfig.vmware with elevated privileges.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: SuSE Linux 8.2 (SuSEConfig.vmware)

Auth required

Prerequisites: Local access to the system · Ability to execute YaST2 (requires X-Window and permissions)

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1222 - File and Directory Permissions Modification

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=106546531922379&w=2

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=106545972615578&w=2

Scores

EPSS 0.0071

EPSS Percentile 48.7%

Details

Status published

Products (1)

suse/suse_linux 8.2

Published Nov 17, 2003

Tracked Since Feb 18, 2026