Local Privilege Escalation Vulnerability in Zend Platform
CVE-2007-1370

Currently unrated

Key Information:

Vendor: Zend
Status: Zend Platform
Vendor: CVE Published:; 9 March 2007

What is CVE-2007-1370?

Zend Platform 2.2.3 and earlier versions are prone to a local privilege escalation issue due to incorrect file ownership. This vulnerability allows local users to elevate their privileges to root level by modifying vulnerable files, specifically scd.sh, under circumstances where php's safe_mode and open_basedir features are disabled. Effective security measures should ensure proper access controls and configuration settings to mitigate risks from this vulnerability.

References

http://www.php-security.org/MOPB/BONUS-06-2007.html

x_refsource_MISC

http://www.vupen.com/english/advisories/2007/0829

vdb-entryx_refsource_VUPEN

http://www.osvdb.org/32772

vdb-entryx_refsource_OSVDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 9, 2007
Vulnerability Reserved
Mar 9, 2007