Description
chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify permissions of files by creating a hardlink to a file from a world-writable directory, which can cause the link count to drop to 1 when the file is deleted or replaced, which is then modified by chkstat to use weaker permissions.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/20263
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/17290/
Vendor Advisory vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2005_62_permissions.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/15182
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/22853
Scores
EPSS
0.0003
EPSS Percentile
9.3%
Details
Status
published
Products (5)
novell/suse_linux
10.0
suse/suse_linux
9.0 (2 CPE variants)
suse/suse_linux
9.1 (2 CPE variants)
suse/suse_linux
9.2 (2 CPE variants)
suse/suse_linux
9.3 (2 CPE variants)
Published
Oct 27, 2005
Tracked Since
Feb 18, 2026