Security Advisory

CVE-2016-2363

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2016-06-20 01:00:00

Last updated 2024-08-05 23:24:49

Assigner certcc

State PUBLISHED

Description

Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 uses weak permissions for the /var/www/rpc/surun script, which allows local users to obtain root access for unspecified command execution by leveraging access to the nobody account.

← Browse all CVEs View on cve.org ↗