First published: Fri Aug 17 2007(Updated: )
Unspecified vulnerability in a "core clean" cron job created by the findutils-locate package on SUSE Linux 10.0 and 10.1 and Enterprise Server 9 and 10 before 20070810 allows local users to delete of arbitrary files via unknown vectors.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
SUSE Linux | =9.0 | |
SUSE Linux | =10 | |
SUSE Linux | =10.0 | |
SUSE Linux | =10.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2007-4394 is considered to have a moderate severity level due to the potential for local users to delete arbitrary files.
To fix CVE-2007-4394, you should upgrade the affected SUSE Linux system to versions released after 20070810.
CVE-2007-4394 affects SUSE Linux 9.0, SUSE Linux 10.0, and SUSE Linux 10.1, including Enterprise Server versions.
Local users with access to the affected systems can exploit CVE-2007-4394 to delete arbitrary files.
CVE-2007-4394 is an unspecified local privilege escalation vulnerability originating from a misconfigured cron job.