Back to search
CVE-2007-1370
Published: Mar 9, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Zend Platform 2.2.3 and earlier has incorrect ownership for scd.sh and certain other files, which allows local users to gain root privileges by modifying the files. NOTE: this only occurs when safe_mode and open_basedir are disabled; other settings require leverage for other vulnerabilities.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.php-security.org/MOPB/BONUS-06-2007.html
x_refsource_MISC
ADV-2007-0829
vdb-entry
x_refsource_VUPEN
32772
vdb-entry
x_refsource_OSVDB
22801
vdb-entry
x_refsource_BID
24501
third-party-advisory
x_refsource_SECUNIA
zend-scd-privilege-escalation(32825)
vdb-entry
x_refsource_XF
http://www.zend.com/products/zend_platform/security_vulnerabilities
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now