Vulnerability Details CVE-2011-0461
/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and before 11.3-8.7.1 in openSUSE 11.3, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/mtab.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.7%
CVSS Severity
CVSS v2 Score 6.3
References
- http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
- http://lists.opensuse.org/opensuse-updates/2011-03/msg00007.html
- http://support.novell.com/security/cve/CVE-2011-0461.html
- https://bugzilla.novell.com/665479
- http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
- http://lists.opensuse.org/opensuse-updates/2011-03/msg00007.html
- http://support.novell.com/security/cve/CVE-2011-0461.html
- https://bugzilla.novell.com/665479