Unrated severityNVD Advisory· Published Jul 9, 2009· Updated Apr 23, 2026
CVE-2009-0667
CVE-2009-0667
Description
Untrusted search path vulnerability in Agent/Backend.pm in Ocsinventory-Agent before 0.0.9.3, and 1.x before 1.0.1, in OCS Inventory allows local users to gain privileges via a Trojan horse Perl module in an arbitrary directory.
Affected products
10cpe:2.3:a:ocsinventory-ng:ocsinventory-agent:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:ocsinventory-ng:ocsinventory-agent:*:*:*:*:*:*:*:*range: <=0.0.9.2
- cpe:2.3:a:ocsinventory-ng:ocsinventory-agent:0.05:*:*:*:*:*:*:*
- cpe:2.3:a:ocsinventory-ng:ocsinventory-agent:0.08:*:*:*:*:*:*:*
- cpe:2.3:a:ocsinventory-ng:ocsinventory-agent:0.09:*:*:*:*:*:*:*
cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:beta:*:*:*:*:*:*
- cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:rc3-1:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- bugs.debian.org/cgi-bin/bugreport.cginvdPatch
- nana.rulezlan.org/~goneri/ocsinventory-agent/Ocsinventory-Agent-0.0.9.3.tar.gznvdPatch
- security.debian.org/pool/updates/main/o/ocsinventory-agent/ocsinventory-agent_0.0.9.2repack1-4lenny1.diff.gznvdPatch
- www.debian.org/security/2009/dsa-1828nvdPatch
- www.securityfocus.com/bid/35593nvdPatch
- www.vupen.com/english/advisories/2009/1809nvdPatchVendor Advisory
- osvdb.org/55718nvd
- secunia.com/advisories/35727nvd
- secunia.com/advisories/35768nvd
- www.ocsinventory-ng.org/index.phpnvd
News mentions
0No linked articles in our index yet.