CVE-2016-5759

EUVD-2016-6694
The mkdumprd script called "dracut" in the current working directory "." allows local users to trick the administrator into executing code as root.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 8%
Affected Products (NVD)
VendorProductVersion
novellsuse_linux_enterprise_desktop
12.0:sp1
novellsuse_linux_enterprise_server
12.0:sp1
opensuseleap
42.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-updates/2016-10/msg00083.html
http://lists.suse.com/pipermail/sle-security-updates/2016-October/002337.html
http://lists.opensuse.org/opensuse-updates/2016-10/msg00083.html
http://lists.suse.com/pipermail/sle-security-updates/2016-October/002337.html