5 matches found
Zabbix Server Arbitrary Command Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Zabbix Server Arbitrary Command...
Zabbix Server - Arbitrary Command Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Zabbix Server Arbitrary Command...
Code injection
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-4498. Reason: This candidate is a duplicate of CVE-2009-4498. Notes: All CVE users should reference CVE-2009-4498 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
Zabbix node_process_command() Function Crafted Request Arbitrary Command Execution
The version of Zabbix server running on the remote host has a command execution vulnerability in the 'processnodecommand' function of 'nodehistory.c'. A remote attacker could exploit this by sending a specially crafted request, resulting in the execution of operating system commands. C Tenable...
CVE-2009-4498
CVE-2009-4498 affects Zabbix Server before 1.8. The vulnerability lies in node_process_command() (nodehistory.c), allowing remote command execution via a crafted request. Documented impact is remote arbitrary command execution with network access (CVSSv2 base 6.8). Connected sources confirm explo...