Zimbra “zmslapd” Local Root Exploit.

This exploit was brought to you by “reading the manual”, mostly. It is the second local privilege escalation I found while doing an extremely low effort audit of Zimbra. You should read the first post, here: https://darrenmartyn.ie/2021/10/25/zimbra-nginx-local-root-exploit/ In order to exploit this issue, you need code execution as the “zimbra” user. TL;DR: In a stock …