SUS versions 2.0.2 has a format string vulnerability in the log() function that allows any local user to gain root privileges.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/34350/sus202.txt
Source: https://packetstormsecurity.com/files/34350/sus202.txt.html