CVE-2008-4636: Input Validation

First published: Thu Nov 27 2008(Updated: )

yast2-backup 2.14.2 through 2.16.6 on SUSE Linux and Novell Linux allows local users to gain privileges via shell metacharacters in filenames used by the backup process.

Credit: cve@mitre.org cve@mitre.org

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-historical
• agent/type
• agent/event
• agent/first-publish-date
• agent/severity
• agent/references
• agent/last-modified-date
• agent/remedy
• agent/author
• agent/weakness
• agent/description
• agent/tags
• collector/nvd-api
• source/NVD
• agent/software-canonical-lookup
• agent/software-canonical-lookup-request
• collector/nvd-index
• agent/softwarecombine
• collector/mitre-cve
• source/MITRE
• vendor/novell
• canonical/novell linux desktop
• version/novell linux desktop/9
• canonical/novell open enterprise server
• vendor/opensuse
• canonical/opensuse opensuse
• version/opensuse opensuse/10.2
• version/opensuse opensuse/10.3
• version/opensuse opensuse/11.0
• vendor/suse
• canonical/suse linux enterprise server
• version/suse linux enterprise server/8
• version/suse linux enterprise server/9
• canonical/suse suse linux enterprise desktop
• version/suse suse linux enterprise desktop/10-sp1
• version/suse suse linux enterprise desktop/10-sp2
• canonical/suse suse linux enterprise server
• version/suse suse linux enterprise server/10-sp1
• version/suse suse linux enterprise server/10-sp2
• canonical/suse yast2-backup
• version/suse yast2-backup/2.14.2
• version/suse yast2-backup/2.16.6
• canonical/novell opensuse
• canonical/novell suse linux
• version/novell suse linux/9
• version/novell suse linux/9.3
• version/novell suse linux/10
• version/novell suse linux/10.0
• version/novell suse linux/10.1
• canonical/novell suse linux enterprise server
• version/novell suse linux enterprise server/9