Untrusted search path vulnerability in Agent/Backend.pm in Ocsinventory-Agent before 0.0.9.3, and 1.x before 1.0.1, in OCS Inventory allows local users to gain privileges via a Trojan horse Perl module in an arbitrary directory.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ocs_inventory_ng | Ocsinventory-ng | 1.0 (including) | 1.0 (including) |
Ocs_inventory_ng | Ocsinventory-ng | 1.0-beta (including) | 1.0-beta (including) |
Ocs_inventory_ng | Ocsinventory-ng | 1.0-rc1 (including) | 1.0-rc1 (including) |
Ocs_inventory_ng | Ocsinventory-ng | 1.0-rc2 (including) | 1.0-rc2 (including) |
Ocs_inventory_ng | Ocsinventory-ng | 1.0-rc3 (including) | 1.0-rc3 (including) |
Ocs_inventory_ng | Ocsinventory-ng | 1.0-rc3-1 (including) | 1.0-rc3-1 (including) |
Ocsinventory-agent | Ocsinventory-ng | * | 0.0.9.2 (including) |
Ocsinventory-agent | Ocsinventory-ng | 0.05 (including) | 0.05 (including) |
Ocsinventory-agent | Ocsinventory-ng | 0.08 (including) | 0.08 (including) |
Ocsinventory-agent | Ocsinventory-ng | 0.09 (including) | 0.09 (including) |
Ocsinventory-agent | Ubuntu | hardy | * |
Ocsinventory-agent | Ubuntu | intrepid | * |
Ocsinventory-agent | Ubuntu | jaunty | * |
Ocsinventory-agent | Ubuntu | upstream | * |