[Bug 174356] [zabbix] [CVE-2007-6210] privilege escalation

hk47 Thu, 06 Dec 2007 01:05:15 -0800

Public bug reported:

References:
[1] DSA-1420-1 (http://www.debian.org/security/2007/dsa-1420)
[2] Debian Bug #452682 (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=452682)
[3] CVE-2007-6210 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6210)


Quoting [1]:
"Bas van Schaik discovered that the agentd process of Zabbix, a network monitor 
system, may run user-supplied commands as group id root, not zabbix, which may 
lead to a privilege escalation."

** Affects: zabbix (Ubuntu)
     Importance: Undecided
         Status: New

** Visibility changed to: Public

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-6210

-- 
[zabbix] [CVE-2007-6210] privilege escalation
https://bugs.launchpad.net/bugs/174356
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 174356] [zabbix] [CVE-2007-6210] privilege escalation

Reply via email to