The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories.
References
Link | Resource |
---|---|
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | Patch |
http://secunia.com/advisories/28838 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2008-02-12 21:00
Updated : 2024-02-28 11:01
NVD link : CVE-2008-0732
Mitre link : CVE-2008-0732
CVE.ORG link : CVE-2008-0732
JSON object : View
Products Affected
apache
- geronimo
suse
- suse_linux
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')