Description
liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013.
References (2)
Core 2
Core References
Patch, Vendor Advisory vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2005_22_sr.html
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/15026
Scores
EPSS
0.0028
EPSS Percentile
51.3%
Details
Status
published
Products (13)
suse/suse_linux
1.0
suse/suse_linux
8
suse/suse_linux
8.0
suse/suse_linux
8.2 (2 CPE variants)
suse/suse_linux
9.0 (5 CPE variants)
suse/suse_linux
9.1 (3 CPE variants)
suse/suse_linux
9.2 (3 CPE variants)
suse/suse_linux
9.3 (3 CPE variants)
suse/suse_linux
10.0 (2 CPE variants)
suse/suse_linux_openexchange_server
4.0
... and 3 more
Published
Dec 31, 2005
Tracked Since
Feb 18, 2026