0day.today - Biggest Exploit Database in the World.

Select your language:

Things you should know about 0day.today:

We use one main domain: http://0day.today
Most of the materials is completely FREE
If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD

We accept currencies: [contact admin to find more]

We don't want you to use our site as a tool for hacking purposes, so any kind of action that could affect illegaly other users or websites that you don't have right to access will be banned and your account including your data will be destroyed.

Administration of this site uses the official contacts. Beware of impostors!

We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!

I am registered user of 0day.today. I don't want to see this screen in future.

What to do first?

Read the [ agreement ]
Read the [ Submit ] rules
Visit the [ faq ] page
[ Register ] profile
Get [ GOLD ]
If you want to [ sell ]
If you want to [ buy ]
If you lost [ Account ]
Any questions [ admin@0day.today ]

Main links

You can contact us by

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

[ authorization ] [ registration ] [ restore account ]

You can contact us by:

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

Zabbix Server Multiple remote vulnerabilities

Author

Nicob

Risk

[

Security Risk Unsored

]

0day-ID

0day-ID-10244

Category

web applications

Date add

14-12-2009

Platform

unsorted

=============================================
Zabbix Server Multiple remote vulnerabilities
=============================================

Zabbix Server : Multiple remote vulnerabilities From: Nicob <nicob () nicob net>
Date: Sun, 13 Dec 2009 16:28:35 +0100
 
From Wikipedia : "Zabbix is a network management system application
 
[...] designed to monitor and track the status of various network
services, servers, and other network hardware."
 
[Zabbix Server : Remote command execution]
 
Impacted software : Zabbix Server
Zabbix reference : https://support.zabbix.com/browse/ZBX-1030
Patched version : 1.8
 
Faulty source code : function node_process_command() in
zabbix_server/trapper/nodecommand.c
 
Changelog entry : fixed security vulnerability in server allowing remote
unauthenticated users to execute scripts
 
[Zabbix Server : Remote SQL execution]
 
Impacted software : Zabbix Server
Zabbix reference : https://support.zabbix.com/browse/ZBX-1031
Patched version : 1.6.8 (patch for 1.6.7 was insufficient)
 
Faulty source code : function send_history_last_id() in
zabbix_server/trapper/nodehistory.c
 
Changelog entry (1.6.7) : fixed security vulnerability in server,
allowing remote unauthenticated users to execute arbitrary SQL queries
Changelog entry (1.6.8) : added more security checks for communication
between nodes
 
[Zabbix Server : Remote DoS (NULL deref)]
 
Impacted software : Zabbix Server
Zabbix reference : https://support.zabbix.com/browse/ZBX-993
Patched version : 1.6.6
 
Faulty source code : function process_trap() in
zabbix_server/trapper/trapper.c
 
Changelog entry : fixed possible vulnerability of trapper
 
[Zabbix Server : Remote DoS (NULL deref)]
 
Impacted software : Zabbix Server
Zabbix reference : https://support.zabbix.com/browse/ZBX-1355
Patched version : 1.6.8
 
Faulty source code : function zbx_get_next_field() in
libs/zbxcommon/str.c
 
Changelog entry : fixed possible server crash when receiving invalid
data



#  0day.today [2024-11-16]  #

We DO NOT use Telegram or any messengers / social networks!

Please, beware of scammers!

Zabbix Server Multiple remote vulnerabilities

Report Error

Report Error