Zpanel cp X

zsudo makes it anyone can have remote access

Bug #996222 reported by Joseph Mills on 2012-05-07

256

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Zpanel cp X	Fix Released	Undecided	Joseph Mills

Bug Description

If you look at how zsudo is running from the source files
since the zsudo does echo %s...so [s]he/scumbag can reboot the server, change password etc etc...

Tags:

Revision history for this message

Joseph Mills (josephjamesmills) wrote on 2012-05-07:

source files for zsudo in package zpanelx Edit (3.7 KiB, application/x-tar)

Revision history for this message

Joseph Mills (josephjamesmills) wrote on 2012-05-09:

Remove the program all together and looking for new way to implant features that where lost

Joseph Mills (josephjamesmills) on 2012-05-11

visibility:

private → public

Joseph Mills (josephjamesmills) on 2012-05-11

Changed in zpanelcp:
status:	Confirmed → Fix Committed

Joseph Mills (josephjamesmills) on 2012-05-12

Changed in zpanelcp:
status:	Fix Committed → Fix Released
status:	Fix Released → Fix Committed

Joseph Mills (josephjamesmills) on 2012-05-13

Changed in zpanelcp:
importance:	Critical → Wishlist
importance:	Wishlist → Undecided
status:	Fix Committed → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Related blueprints

The ever lasting security issues

Bug attachments

source files for zsudo in package zpanelx Edit

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.