CVE-2014-0595

low

Published 2014-05-08 · Modified 2026-05-06

CVSS v3

—

CVSS v2

2.6

VIR risk

2.6

Description

/opt/novell/ncl/bin/nwrights in Novell Client for Linux in Novell Open Enterprise Server (OES) 11 Linux SP2 does not properly manage a certain array, which allows local users to obtain the S permission in opportunistic circumstances by leveraging the granting of the F permission by an administrator.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://www.novell.com/support/kb/doc.php?id=7014932

References

http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00030.html
http://www.novell.com/support/kb/doc.php?id=7014932
http://www.securityfocus.com/bid/67144
http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00030.html
http://www.novell.com/support/kb/doc.php?id=7014932
http://www.securityfocus.com/bid/67144

CWEs

CWE-119

Verify integrity in audit chain (admin only). AS-IS.