CVE-2004-0064

SuSE 9.0 - Local Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0064. PoCs published by l0om.

AI-analyzed exploit summary This exploit targets a vulnerability in SuSE 9.0's YaST script SuSEconfig.gnome-filesystem, allowing an attacker to create or overwrite arbitrary files via a symlink attack. The code creates multiple directories and symlinks to exploit a race condition in the script.

Description

The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrary files via a symlink attack on files within the tmp.SuSEconfig.gnome-filesystem.$RANDOM temporary directory.

Exploits (1)

exploitdb WORKING POC VERIFIED
by l0om · clocallinux
https://www.exploit-db.com/exploits/144

This exploit targets a vulnerability in SuSE 9.0's YaST script SuSEconfig.gnome-filesystem, allowing an attacker to create or overwrite arbitrary files via a symlink attack. The code creates multiple directories and symlinks to exploit a race condition in the script.

Classification
Working Poc 90%
Attack Type
Other
Complexity
Moderate
Reliability
Racy
Target: SuSE 9.0 YaST script SuSEconfig.gnome-filesystem
No auth needed
Prerequisites: Access to the target system to execute the exploit · SuSE 9.0 with vulnerable YaST script
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/3460
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=107402658600437&w=2
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/10623
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1008703
Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/9411

Scores

EPSS 0.0076
EPSS Percentile 50.5%

Details

Status published
Products (1)
suse/suse_linux 9.0
Published Feb 17, 2004
Tracked Since Feb 18, 2026