Florian Weimer
2006-Apr-15 08:42 UTC
[Secure-testing-team] CVE-2005-4778 and CVE-2006-0146 (powersave)
The SuSe changelog contains the following information: * Wed Dec 07 2005 - hmacht@suse.de - fix local root exploit and possible buffer overflow * Mon Oct 03 2005 - hmacht@suse.de - fix consider nice (bug 117490) - acpi problems with button ignore (bug 117248) - fix opening of too many dbus connections (bug 106897) - fix dbus policy in configuration file and so forbid remote users to use the powersave-dbus interface (bug 119628) * Wed Dec 07 2005 - hmacht@suse.de - fix local root exploit and possible buffer overflow The second entry should probably read "Fix buffer overflow and possible local root exploit". There is just a patch for a buffer overflow, and not one specifically for a local root exploit. The first issue is described at: <https://bugzilla.novell.com/show_bug.cgi?id=119628&x=18&y=11&=Find> This bug cannot be exploited by "remote users" in the usual terminology, but by local users which do not have console access. (From the bug description: "look for a machine where someone is working on a desktop. Login remote. Type ''powersave -U''. Hear the desktop user scream when his machine goes into suspend. powersave -U/-u should only work for X-user.")