Zimbra's sudo configuration permits the zimbra user to execute the zmslapd binary as root with arbitrary parameters. As part of its intended functionality, zmslapd can load a user-defined configuration file, which includes plugins in the form of .so files, which also execute as root.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zimbra collaboration 9.0.0 |
||
zimbra collaboration 8.8.15 |
||
zimbra collaboration 8.7.6 |
||
zimbra collaboration 8.7.7 |
||
zimbra collaboration 8.7.9 |
||
zimbra collaboration 8.7.10 |
||
zimbra collaboration 8.7.11 |
||
zimbra collaboration 8.8.0 |
||
zimbra collaboration 8.8.2 |
||
zimbra collaboration 8.8.3 |
||
zimbra collaboration 8.8.4 |
||
zimbra collaboration 8.8.6 |
||
zimbra collaboration 8.8.7 |
||
zimbra collaboration 8.8.8 |
||
zimbra collaboration 8.8.9 |
||
zimbra collaboration 8.8.10 |
||
zimbra collaboration 8.8.11 |
||
zimbra collaboration 8.8.12 |