Checkmk before 1.6.0p17 allows local users to obtain SYSTEM privileges via a Trojan horse shell script in the %PROGRAMDATA%checkmkagentlocal directory.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Checkmk | Tribe29 | * | 1.6.0 (excluding) |
| Checkmk | Tribe29 | 1.6.0 (including) | 1.6.0 (including) |
| Checkmk | Tribe29 | 1.6.0-p1 (including) | 1.6.0-p1 (including) |
| Checkmk | Tribe29 | 1.6.0-p10 (including) | 1.6.0-p10 (including) |
| Checkmk | Tribe29 | 1.6.0-p11 (including) | 1.6.0-p11 (including) |
| Checkmk | Tribe29 | 1.6.0-p12 (including) | 1.6.0-p12 (including) |
| Checkmk | Tribe29 | 1.6.0-p13 (including) | 1.6.0-p13 (including) |
| Checkmk | Tribe29 | 1.6.0-p14 (including) | 1.6.0-p14 (including) |
| Checkmk | Tribe29 | 1.6.0-p15 (including) | 1.6.0-p15 (including) |
| Checkmk | Tribe29 | 1.6.0-p16 (including) | 1.6.0-p16 (including) |
| Checkmk | Tribe29 | 1.6.0-p2 (including) | 1.6.0-p2 (including) |
| Checkmk | Tribe29 | 1.6.0-p3 (including) | 1.6.0-p3 (including) |
| Checkmk | Tribe29 | 1.6.0-p4 (including) | 1.6.0-p4 (including) |
| Checkmk | Tribe29 | 1.6.0-p5 (including) | 1.6.0-p5 (including) |
| Checkmk | Tribe29 | 1.6.0-p6 (including) | 1.6.0-p6 (including) |
| Checkmk | Tribe29 | 1.6.0-p7 (including) | 1.6.0-p7 (including) |
| Checkmk | Tribe29 | 1.6.0-p8 (including) | 1.6.0-p8 (including) |
| Checkmk | Tribe29 | 1.6.0-p9 (including) | 1.6.0-p9 (including) |