CVE-2007-6210 Information

Description

zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs \UserParameter\ scripts with gid 0 which might allow local users to gain privileges.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=452682 http://secunia.com/advisories/27903 http://secunia.com/advisories/27948 http://secunia.com/advisories/27978 http://www.debian.org/security/2007/dsa-1420 http://www.securityfocus.com/bid/26680 http://www.zabbix.com/forum/showthread.php?t=8400 https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00196.html https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00232.html