openSUSE 10 Security Update : opensuse-updater (opensuse-updater-5262)

High Nessus Plugin ID 32454


The remote openSUSE host is missing a security update.


This update fixes a symlink problem and two off-by-one vulnerabilities. The overflows can be considered no security problem but the symlink flaw could be used by local users to gain unauthorized access to information (like passwords).


Update the affected opensuse-updater package.

Plugin Details

Severity: High

ID: 32454

File Name: suse_opensuse-updater-5262.nasl

Version: $Revision: 1.5 $

Type: local

Agent: unix

Published: 2008/05/28

Modified: 2014/06/13

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:opensuse-updater, cpe:/o:novell:opensuse:10.2

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2008/05/21