Description
Untrusted search path vulnerability in the wrapper scripts for the (1) rug, (2) zen-updater, (3) zen-installer, and (4) zen-remover programs on SUSE Linux 10.1 and Enterprise 10 allows local users to gain privileges via modified (a) LD_LIBRARY_PATH and (b) MONO_GAC_PREFIX environment variables.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/46783
Vendor Advisory vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2007_17_sr.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26543
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/46781
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/46784
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/46782
Scores
EPSS
0.0003
EPSS Percentile
10.7%
Details
Status
published
Products (2)
novell/suse_linux
10.1
suse/suse_linux
10
Published
Aug 20, 2007
Tracked Since
Feb 18, 2026