This script is Copyright (C) 2015 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
Polkit was updated to 0.113 to fix four security issues.
The following vulnerabilities were fixed :
- CVE-2015-4625: a local privilege escalation due to
predictable authentication session cookie values.
- CVE-2015-3256: various memory corruption vulnerabilities
to local privilege escalation. (boo#943816)
- CVE-2015-3255: a memory corruption vulnerability in
handling duplicate action IDs, possibly leading to local
privilege escalation. (boo#939246)
- CVE-2015-3218: Allowed any local user to crash polkitd.
See also :
Update the affected polkit packages.
Risk factor :
Medium / CVSS Base Score : 4.6