
KB-11522: Dzcheck.sample May be Vulnerable to a Shell Variable Substitution Issue in Version 5.4.0 and Later

Authentication Service

1 January,19 at 01:49 AM

For CDC 5.4.0 and later, Centrify shipped a dzcheck.sample script for customers intending to use the dzdo dzcheck feature. We have since discovered that the Perl logger call may still launch a shell, which means it may still be subject to the shell variable substitution attack if not properly implemented.

Follow the installation and configuration documentation exactly as described. If the implementation is not completed properly, this vulnerability can be exposed.

Note: The sample Perl script is intended only as an example, not for production use.
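
An added illustration, not Centrify's dzcheck.sample and not taken from it: how a Perl call to an external command can pass through /bin/sh, next to two forms that do not. Assumptions: `printf` stands in for `logger` so the result is visible, and `$ticket`, the function names and the `dzcheck-example` syslog tag are hypothetical.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Sys::Syslog qw(openlog syslog closelog);

# Constructed sample: text handed to the script by its caller.
# Single quotes keep "$HOME" as literal characters in Perl.
my $ticket = 'change 1234 $HOME';

# Read everything a child process writes to stdout.
sub slurp {
    my ($fh) = @_;
    local $/;
    my $out = <$fh>;
    close($fh);
    return defined $out ? $out : '';
}

# One command string: Perl finds shell metacharacters and runs /bin/sh -c,
# so the shell expands $HOME inside the double quotes.
sub via_shell {
    my ($text) = @_;
    open(my $fh, '-|', "printf '%s\\n' \"$text\"") or die "open: $!";
    return slurp($fh);
}

# Argument list: Perl calls execvp() directly and no shell sees the text.
sub via_list {
    my ($text) = @_;
    open(my $fh, '-|', 'printf', '%s\n', $text) or die "open: $!";
    return slurp($fh);
}

# No child process at all: log through the core Sys::Syslog module.
# The fixed '%s' format keeps the text from being read as a format string.
sub via_syslog {
    my ($text) = @_;
    openlog('dzcheck-example', 'pid', 'auth');
    syslog('info', '%s', $text);
    closelog();
}

print 'shell form: ', via_shell($ticket);   # $HOME replaced by the shell
print 'list form:  ', via_list($ticket);    # $HOME printed literally
eval { via_syslog($ticket); 1 } or warn "syslog unavailable: $@";
```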