<<< Date Index >>>     <<< Thread Index >>>

SuSE Linux K-Menu YAST Control Center Priviledge Escalation Vulnerability




A vulnerability exists in the implementation of 
placing the SuSE YAST Control Center in the K Menu.  
Normally, one would be required to authenticate as 
root before being granted access to the YAST Control 
Center.  When placing the 'preferences' submenu in 
the K Menu (in the 'submenu' section under the 
'Menus' tab of the K menu panel preferences), 
however, one can not only access, but make changes to 
the options in the YAST control center without having 
to authenticate as root.