mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-29 01:31:01 +00:00
818 B
818 B
CVE-2014-6260
Description
Zenoss Core through 5 Beta 3 does not require a password for modifying the pager command string, which allows remote attackers to execute arbitrary commands or cause a denial of service (paging outage) by leveraging an unattended workstation, aka ZEN-15412.
POC
Reference
- http://www.kb.cert.org/vuls/id/449452
- https://docs.google.com/spreadsheets/d/1dHAc4PxUbs-4Dxzm1wSCE0sMz5UCMY6SW3PlMHSyuuQ/edit?usp=sharing
Github
No PoCs found on GitHub currently.