6 matches found
CVE-2014-1682
The API in Zabbix before 1.8.20rc1, 2.0.x before 2.0.11rc1, and 2.2.x before 2.2.2rc1 allows remote authenticated users to spoof arbitrary users via the user name in a user.login request...
CVE-2014-1682
The CVE concerns Zabbix API authentication: versions 1.8.20rc1, 2.0.x before 2.0.11rc1, and 2.2.x before 2.2.2rc1 expose a user impersonation flaw in user.login. An authenticated remote user can spoof arbitrary users by supplying a crafted username, potentially enabling privilege abuse or misrepr...
Fedora Update for zabbix FEDORA-2014-5540
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for zabbix FEDORA-2014-5551
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 19 : zabbix-2.0.11-3.fc19 (2014-5551)
The logrotate configuration had no su statement in 2.0.11-2. Furthermore, the log file should have been created as zabbixsrv:zabbix for the proxy and server, what they are now. http://www.zabbix.com/rn2.0.11.php Also solves 3 security issues : - ZBX-7703 fixed being able to switch users without...
Fedora 20 : zabbix-2.0.11-3.fc20 (2014-5540)
The logrotate configuration had no su statement in 2.0.11-2. Furthermore, the log file should have been created as zabbixsrv:zabbix for the proxy and server, what they are now. http://www.zabbix.com/rn2.0.11.php Also solves 3 security issues : - ZBX-7703 fixed being able to switch users without...