Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2003-0847 — Linux vulnerability

4 documents4 sources

Severity

4.6MEDIUMNVD

EPSS

0.4%

top 41.66%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Suse Linux

Timeline

PublishedNov 17

Latest updateApr 29

Description

SuSEconfig.susewm in the susewm package on SuSE Linux 8.2Pro allows local users to overwrite arbitrary files via a symlink attack on the susewm.$$ temporary file.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

▶NVDsuse/suse_linux8.2

🔴Vulnerability Details

GHSA

GHSA-769w-m9jq-53m8: SuSEconfig↗2022-04-29

▶

CVEList

CVE-2003-0847: SuSEconfig↗2003-10-09

▶

💥Exploits & PoCs

Exploit-DB

SuSE Linux Professional 8.2 - SuSEWM Configuration File Insecure Temporary File↗2003-10-06

▶