openSUSE 10 Security Update : yast2-core (yast2-core-4634)

This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update fixes a security bug in yast2-core that allowed local
attackers to provide malicious yast2 modules to yast2 that are
executed with root privileges. To trigger this vulnerability root has
to execute yast2 in an untrusted directory (i.e. /tmp). Thanks to
Stefan Nordhausen for reporting this to us.

Solution :

Update the affected yast2-core packages.

Risk factor :

High

Family: SuSE Local Security Checks

Nessus Plugin ID: 28180 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now