Arbitrary Command Execution Vulnerabilities in obs-service-extract_file Package
CVE-2016-4007 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
Multiple unspecified vulnerabilities in the obs-service-extract_file package before 0.3-5.1 in openSUSE Leap 42.1 and before 0.3-3.1 in openSUSE 13.2 allow attackers to execute arbitrary commands via a service definition, related to executing unzip with "illegal options."
Learn more about our Cis Benchmark Audit For Suse Linux Enterprise Server.