[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249622

 
 

909

 
 

195521

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2013-7042Date: (C)2013-12-10   (M)2023-12-22


SUSE Lifecycle Management Server (SLMS) before 1.3.7 uses world-readable permissions for the secret keys, which allows local users to gain privileges via unspecified vectors.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.6
Exploit Score: 3.9
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
OSVDB-100652
SUSE-SU-2013:1813
https://bugzilla.novell.com/show_bug.cgi?id=852101
slms-cve20137042-information-disclosure(89897)

CPE    3
cpe:/a:novell:suse_lifecycle_management_server:1.2
cpe:/a:novell:suse_lifecycle_management_server:1.1
cpe:/a:novell:suse_lifecycle_management_server:1.0
CWE    1
CWE-264

© SecPod Technologies