← CVECheck
HomeVulnerabilities

CVE-2004-2133 — MEDIUM severity vulnerability (Certain third-party packages for CVSup 16.1h, such as SuSE L)

Certain third-party packages for CVSup 16.1h, such as SuSE Linux, contain untrusted paths in the ELF RPATH fields of certain executables, which could allow local users to execute arbitrary code by causing cvsup to link against malicious libraries that are created in world-writable directories such as /usr/src/packages.

CVE IDCVE-2004-2133
SeverityMEDIUM
CVSS score4.6
CVSS vectorAV:L/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2004-01-29
Last modified2026-04-16
DescriptionCertain third-party packages for CVSup 16.1h, such as SuSE Linux, contain untrusted paths in the ELF RPATH fields of certain executables, which could allow local users to execute arbitrary code by causing cvsup to link against malicious libraries that are created in world-writable directories such as /usr/src/packages.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →