This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.
The remote SuSE 10 host is missing a security-related patch.
This update fixes a local privilege escalation in udev.
- udev did not check the origin of the netlink messages. A
local attacker could fake device create events and so
gain root privileges. (CVE-2009-1185)
It also fixes three bugs :
- Fixup persistent symlinks for tapes. (bnc#446534)
- Fixup broken ATA compability links. (bnc#447995)
- Add by-path links for tapes (bnc#478132)
See also :
Apply ZYPP patch number 6153.
Risk factor :
High / CVSS Base Score : 7.2
Public Exploit Available : true