Search

published date: January 24, 2005

CVE-2005-0072 : zhcon before 0.2 does...

Description

zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows local users to read arbitrary files.

Product(s):

  • Zhcon 0.2

Question to Ask Vendors:

  1. Can you confirm whether your systems are affected by CVE-2005-0072, and if so, what steps are you currently taking to mitigate this vulnerability?
  2. What is your estimated timeline for fully resolving CVE-2005-0072 in your products or services, and how will you communicate updates on this issue to us as your customer?

READY TO GET RESULTS YOU CAN TRUST?