CVE-2013-3713 Information

Description

The image creation configuration in aaa_base before 16.26.1 for openSUSE 13.1 KDE adds the root user to the \users\ group when installing from a live image which allows local users to obtain sensitive information and possibly have other unspecified impacts as demonstrated by reading /etc/shadow.

Reference

http://lists.opensuse.org/opensuse-updates/2013-12/msg00117.html https://bugzilla.novell.com/show_bug.cgi?id=843230