• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

SUSE Linux Permissions Package CHKSTAT Insecure Permissions Handling Vulnerability

The SUSE Linux 'permissions' package is susceptible to a local information disclosure vulnerability. This issue is due to improper handling of file permissions by the 'chkstat' utility.

This issue is due to the inherent insecurity of attempting to modify files contained in world-writable directories.

Local attackers may gain access to the contents of potentially sensitive files, aiding them in further attacks.