Lucene search

K
cve[email protected]CVE-2008-1353
HistoryMar 17, 2008 - 5:44 p.m.

CVE-2008-1353

2008-03-1717:44:00
web.nvd.nist.gov
19
cve-2008-1353
zabbix
denial of service
security vulnerability
nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.8 Medium

AI Score

Confidence

High

0.069 Low

EPSS

Percentile

93.9%

zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of service (CPU and connection consumption) via multiple vfs.file.cksum commands with a special device node such as /dev/urandom or /dev/zero.

Affected configurations

NVD
Node
zabbixzabbixMatch1.1.2
OR
zabbixzabbixMatch1.1.3
OR
zabbixzabbixMatch1.1.4
OR
zabbixzabbixMatch1.1.5
OR
zabbixzabbixMatch1.4.2
OR
zabbixzabbixMatch1.4.3

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.8 Medium

AI Score

Confidence

High

0.069 Low

EPSS

Percentile

93.9%