Public bug reported: References: [1] DSA-1420-1 (http://www.debian.org/security/2007/dsa-1420) [2] Debian Bug #452682 (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=452682) [3] CVE-2007-6210 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6210)
Quoting [1]: "Bas van Schaik discovered that the agentd process of Zabbix, a network monitor system, may run user-supplied commands as group id root, not zabbix, which may lead to a privilege escalation." ** Affects: zabbix (Ubuntu) Importance: Undecided Status: New ** Visibility changed to: Public ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-6210 -- [zabbix] [CVE-2007-6210] privilege escalation https://bugs.launchpad.net/bugs/174356 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs