CVE-2007-6210
Published: 2007-12-04
CVE-2007-6210: zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" scripts with gid 0, which might allow local users to gain privileges.
Priority P4 · 15 · low · 2.1 · CVSS 2.0 · AV:L/AC:L/Au:N/C:P/I:N/A:N
EXPLOIT
EPSS: 0.78% (51.2th percentile)
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | zabbix | < zabbix 1:1.4.2-4 (bookworm) | zabbix 1:1.4.2-4 (bookworm) |
| zabbix | zabbix | >= 0 < 1:1.4.2-4 | 1:1.4.2-4 |
| zabbix | zabbix | >= 0 < 1:1.4.2-4 | 1:1.4.2-4 |
| zabbix | zabbix | >= 0 < 1:1.4.2-4 | 1:1.4.2-4 |
| zabbix | zabbix | >= 0 < 1:1.4.2-4 | 1:1.4.2-4 |
| zabbix | zabbix_agentd | — | — |
CVSS provenance
nvd · v2.0 · 2.1 · LOW · AV:L/AC:L/Au:N/C:P/I:N/A:N
osv · 2.1 · LOW
vendor_debian · 2.1 · LOW
vendor_redhat · 2.1 · LOW
GHSA
GHSA-rw3m-rqw9-p6rw: zabbix_agentd 1
ghsa_unreviewed·2022-05-01
CVE-2007-6210 [LOW] GHSA-rw3m-rqw9-p6rw: zabbix_agentd 1
zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" scripts with gid 0, which might allow local users to gain privileges.
OSV
CVE-2007-6210: zabbix_agentd 1
osv·2007-12-04·CVSS 2.1
CVE-2007-6210 [LOW] CVE-2007-6210: zabbix_agentd 1
zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" scripts with gid 0, which might allow local users to gain privileges.
Debian
CVE-2007-6210: zabbix - zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" scripts with gid...
vendor_debian·2007·CVSS 2.1
CVE-2007-6210 [LOW] CVE-2007-6210: zabbix - zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" scripts with gid...
zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" scripts with gid 0, which might allow local users to gain privileges.
Scope: local
bookworm: resolved (fixed in 1:1.4.2-4)
bullseye: resolved (fixed in 1:1.4.2-4)
forky: resolved (fixed in 1:1.4.2-4)
sid: resolved (fixed in 1:1.4.2-4)
trixie: resolved (fixed in 1:1.4.2-4)
Red Hat
zabbix: root
vendor_redhat·CVSS 2.1
CVE-2007-6210 [LOW] zabbix: root
zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" scripts with gid 0, which might allow local users to gain privileges.
No detection rules found.
Bugzilla
CVE-2007-6210 zabbix scripts running with wrong GID
bugzilla·2007-12-04·CVSS 2.1
CVE-2007-6210 [LOW] CVE-2007-6210 zabbix scripts running with wrong GID
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-6210 to the following vulnerability:
zabbix_agentd 1.1.4 in ZABBIX runs "UserParameter" scripts with gid 0, which might allow local users to gain privileges.
References:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=452682
Discussion:
Whoops :/
*** This bug has been marked as a duplicate of 407181 ***
Bugzilla
CVE-2007-6210 zabbix "UserParameter" scripts run with zabbix:root
bugzilla·2007-12-01·CVSS 2.1
CVE-2007-6210 [LOW] CVE-2007-6210 zabbix "UserParameter" scripts run with zabbix:root
Description of problem:
Debian bug #452682 (see URL) describes that "UserParameter" scripts run with
user:group zabbix:root. Could you please check if this also applies for Fedora?
Discussion:
Yes, it applies, it is a "feature". I am building new packages right now.
---
CVE Identifier was requested.
---
zabbix-1.4.2-3.fc7 sharkcz 2007-12-01 02:18:40 complete
zabbix-1.4.2-4.fc8 sharkcz 2007-12-01 02:14:46 complete
zabbix-1.4.2-4.fc9 sharkcz 2007-12-01 02:07:50 complete
---
*** Bug 409911 has been marked as a duplicate of this bug. ***
---
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6210
---
zabbix-1.4.2-3.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in
References:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=452682
http://secunia.com/advisories/27903
http://secunia.com/advisories/27948
http://secunia.com/advisories/27978
http://www.debian.org/security/2007/dsa-1420
http://www.securityfocus.com/bid/26680
http://www.zabbix.com/forum/showthread.php?t=8400
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00196.html
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00232.html
Published: 2007-12-04