CVE-2009-0667

Untrusted search path vulnerability in Agent/Backend.pm in Ocsinventory-Agent before 0.0.9.3, and 1.x before 1.0.1, in OCS Inventory allows local users to gain privileges via a Trojan horse Perl module in an arbitrary directory.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:*:*:*:*:*:*:*
cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:beta:*:*:*:*:*:*
cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:rc3:*:*:*:*:*:*
cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:rc3-1:*:*:*:*:*:*
cpe:2.3:a:ocsinventory-ng:ocsinventory-agent:*:*:*:*:*:*:*:*
cpe:2.3:a:ocsinventory-ng:ocsinventory-agent:0.05:*:*:*:*:*:*:*
cpe:2.3:a:ocsinventory-ng:ocsinventory-agent:0.08:*:*:*:*:*:*:*
cpe:2.3:a:ocsinventory-ng:ocsinventory-agent:0.09:*:*:*:*:*:*:*

History

21 Nov 2024, 01:00

Type Values Removed Values Added
References () http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506416 - Patch () http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506416 - Patch
References () http://nana.rulezlan.org/~goneri/ocsinventory-agent/Ocsinventory-Agent-0.0.9.3.tar.gz - Patch () http://nana.rulezlan.org/~goneri/ocsinventory-agent/Ocsinventory-Agent-0.0.9.3.tar.gz - Patch
References () http://osvdb.org/55718 - () http://osvdb.org/55718 -
References () http://secunia.com/advisories/35727 - () http://secunia.com/advisories/35727 -
References () http://secunia.com/advisories/35768 - () http://secunia.com/advisories/35768 -
References () http://security.debian.org/pool/updates/main/o/ocsinventory-agent/ocsinventory-agent_0.0.9.2repack1-4lenny1.diff.gz - Patch () http://security.debian.org/pool/updates/main/o/ocsinventory-agent/ocsinventory-agent_0.0.9.2repack1-4lenny1.diff.gz - Patch
References () http://www.debian.org/security/2009/dsa-1828 - Patch () http://www.debian.org/security/2009/dsa-1828 - Patch
References () http://www.ocsinventory-ng.org/index.php?mact=News%2Ccntnt01%2Cdetail%2C0&cntnt01articleid=144 - () http://www.ocsinventory-ng.org/index.php?mact=News%2Ccntnt01%2Cdetail%2C0&cntnt01articleid=144 -
References () http://www.securityfocus.com/bid/35593 - Patch () http://www.securityfocus.com/bid/35593 - Patch
References () http://www.vupen.com/english/advisories/2009/1809 - Patch, Vendor Advisory () http://www.vupen.com/english/advisories/2009/1809 - Patch, Vendor Advisory

07 Nov 2023, 02:03

Type Values Removed Values Added
References
  • {'url': 'http://www.ocsinventory-ng.org/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=144', 'name': 'http://www.ocsinventory-ng.org/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=144', 'tags': ['Patch', 'Vendor Advisory'], 'refsource': 'CONFIRM'}
  • () http://www.ocsinventory-ng.org/index.php?mact=News%2Ccntnt01%2Cdetail%2C0&cntnt01articleid=144 -

Information

Published : 2009-07-09 17:30

Updated : 2024-11-21 01:00


NVD link : CVE-2009-0667

Mitre link : CVE-2009-0667

CVE.ORG link : CVE-2009-0667


JSON object : View

Products Affected

ocsinventory-ng

  • ocsinventory-agent
  • ocs_inventory_ng