Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The image creation configuration in aaa_base before 16.26.1 for openSUSE 13.1 KDE adds the root user to the "users" group when installing from a live image, which allows local users to obtain sensitive information and possibly have other unspecified impacts, as demonstrated by reading /etc/shadow.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Novell openSUSE aaa_base 信息泄露漏洞
Vulnerability Description
Novell openSUSE是美国Novell公司的一套基于Linux的自由操作系统。aaa_base是其中的一个包含了配置文件和脚本的安装包。 openSUSE 13.1版本的aaa_base软件安装包16.26.1之前的版本中的图像创建配置中存在信息泄露漏洞,该漏洞源于KDE添加root用户到‘users’组。本地攻击者可通过读取/etc/shadow文件利用该漏洞获取敏感信息,也可能产生其他影响。
CVSS Information
N/A
Vulnerability Type
N/A