all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Zimbra zmslapd Privilege Escalation

Add to bookmarks
Aug. 10, 2022, 4:21 p.m. |

Packet Storm packetstormsecurity.com

This Metasploit module exploits CVE-2022-37393, which is a vulnerability in Zimbra's sudo configuration that permits the zimbra user to execute the zmslapd binary as root with arbitrary parameters. As part of its intended functionality, zmslapd can load a user-defined configuration file, which includes plugins in the form of .so files, which also execute as root.

escalation privilege privilege escalation zimbra

Visit resource

More from packetstormsecurity.com / Packet Storm

Powerful Brokewell Android Trojan Allows Device Takeover 46 minutes ago | packetstormsecurity.com
android android trojan backdoor data loss +8
Over 1,400 CrushFTP Instances Vulnerable To Exploited 0-Day 46 minutes ago | packetstormsecurity.com
crushftp data loss exploited flaw +2
Millions Of IPs Remain Infected By USB Worm Years After Its Creators Left It For … 47 minutes ago | packetstormsecurity.com
backdoor creators dead ips +4
750 Million Vulnerable To Snooping From Chinese Keyboard Apps 47 minutes ago | packetstormsecurity.com
apps china chinese data loss +5
Ubuntu Security Notice USN-6750-1 1 day, 1 hour ago | packetstormsecurity.com
arbitrary code attacker browsing bypass +19
Ubuntu Security Notice USN-6743-3 1 day, 1 hour ago | packetstormsecurity.com
attacker compromise kernel linux +8
Ubuntu Security Notice USN-6657-2 1 day, 1 hour ago | packetstormsecurity.com
attacker dnsmasq dnssec issue +12
Ubuntu Security Notice USN-6749-1 1 day, 1 hour ago | packetstormsecurity.com
arbitrary code attacker code context +11
Red Hat Security Advisory 2024-2060-03 1 day, 1 hour ago | packetstormsecurity.com
advisory bugs denial of service fix +12

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Compliance Architect - Experian Health (Can be REMOTE from anywhere in the US)

@ Experian | ., ., United States
View on infosec-jobs.com

IT Security Specialist

@ Ørsted | Kuala Lumpur, MY
View on infosec-jobs.com

Senior, Cyber Security Analyst

@ Peloton | New York City
View on infosec-jobs.com

Cyber Security Engineer | Perimeter | Firewall

@ Garmin Cluj | Cluj-Napoca, Cluj County, Romania
View on infosec-jobs.com

Pentester / Ethical Hacker Web/API - Vast/Freelance

@ Resillion | Brussels, Belgium
View on infosec-jobs.com
View more jobs