[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SuSE Linux K-Menu YAST Control Center Priviledge Escalation Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: SuSE Linux K-Menu YAST Control Center Priviledge Escalation Vulnerability
From: Matthias Leisi <matthias@xxxxxxxxx>
Date: Mon, 09 Aug 2004 20:13:34 +0200

Radoslav Dejanović wrote:

It does pose some risk, however, for it might allow unprivileged user to take a look at some data that should be hidden from the user (for example, you can look at firewall settings but can't make changes).

But if the user is allowed to read this file (eg. somewhere in /etc) through Yast, then he can read it anyway, let's say through less.

On the other hand, you can start yast from console with -firewall switch and have a peek at the settings (still can't make changes), so this isn't KDE fault but flaw in yast itself. It would be wise to add some paranoia to yast so it won't show sensitive data to unprivileged user.

Which is a bad idea, since it merely hides the problem.

-- Matthias

--
Brain-Log                               http://matthias.leisi.net/

References:
- SuSE Linux K-Menu YAST Control Center Priviledge Escalation Vulnerability
  - From: Jordan Pilat
- Re: SuSE Linux K-Menu YAST Control Center Priviledge Escalation Vulnerability
  - From: Radoslav Dejanović

Prev by Date: Re: [PHP Bug] How to hide a HTTP request in the apache logs
Next by Date: Windows doesn't verify digital signature of CRL files
Previous by thread: Re: SuSE Linux K-Menu YAST Control Center Priviledge Escalation Vulnerability
Next by thread: Re: [Full-Disclosure] Clear text password exposure in Datakey's tokens and smartcards
Index(es):
- Date
- Thread