• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

OCS Inventory NG Agent 'Backend.pm' Perl Module Handling Code Execution Vulnerability

OCS Inventory NG Agent is prone to a vulnerability that lets local attackers execute arbitrary Perl code.

Local attackers can leverage this issue to execute arbitrary code via the application's insecure Perl module search path. This may allow attackers to elevate their privileges and compromise the application or the underlying computer. Other attacks may also be possible.