SuSE9 Security Update : YaST2 (YOU Patch Number 11952)

This script is Copyright (C) 2009-2012 Tenable Network Security, Inc.

Synopsis :

The remote SuSE 9 host is missing a security-related patch.

Description :

This update fixes a security bug in yast2-core that allows local
attackers to provide malicious YaST2 modules to YaST2 which are
subsequently executed with root privileges. To trigger this
vulnerability root has to execute yast2 in an untrusted directory
(i.e. /tmp).

Solution :

Apply YOU patch number 11952.

Risk factor :


Family: SuSE Local Security Checks

Nessus Plugin ID: 41161 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now