Local User Authentication Flaw in SUSE Linux Enterprise Desktop and Open Enterprise Server
CVE-2006-6662

Currently unrated

Key Information:

Vendor: Suse
Status: Suse Open Enterprise Server; Linux Enterprise Desktop
Vendor: CVE Published:; 20 December 2006

Summary

A vulnerability exists in the Linux User Management component of Novell's SUSE Linux Enterprise Desktop 10 and Open Enterprise Server 9. Under certain conditions, this flaw permits local users to access the console without entering a password, potentially compromising the security of sensitive data and system integrity.

References

http://secunia.com/advisories/23409

third-party-advisoryx_refsource_SECUNIA

http://www.novell.com/linux/security/advisories/2006_29_s...

vendor-advisoryx_refsource_SUSE

Timeline

Vulnerability published
Dec 20, 2006
Vulnerability Reserved
Dec 20, 2006