chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify permissions of files by creating a hardlink to a file from a world-writable directory, which can cause the link count to drop to 1 when the file is deleted or replaced, which is then modified by chkstat to use weaker permissions.
2005-10-27T10:02:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 4.6 (MEDIUM)
AV:L/AC:L/Au:N/C:P/I:P/A:P
3.9
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | novell | suse_linux | 10.0 | Yes |
| Operating System | suse | suse_linux | 9.0 | Yes |
| Operating System | suse | suse_linux | 9.0 | Yes |
| Operating System | suse | suse_linux | 9.1 | Yes |
| Operating System | suse | suse_linux | 9.1 | Yes |
| Operating System | suse | suse_linux | 9.2 | Yes |
| Operating System | suse | suse_linux | 9.2 | Yes |
| Operating System | suse | suse_linux | 9.3 | Yes |
| Operating System | suse | suse_linux | 9.3 | Yes |