10 matches found
Ubuntu: Security Advisory (USN-4767-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4767-1: Zabbix vulnerabilities
Fu Chuang discovered that Zabbix did not properly parse IPs. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. CVE-2020-11800 It was discovered that Zabbix incorrectly handled certain...
CVE-2014-3005
XML external entity XXE vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request...
CVE-2014-3005
XML external entity XXE vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request...
CVE-2014-3005
CVE-2014-3005 is an XXE vulnerability in Zabbix across multiple branches: 1.8.x < 1.8.21rc1, 2.0.x < 2.0.13rc1, 2.2.x < 2.2.5rc1, and 2.3.x
CVE-2014-3005
XML external entity XXE vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request...
Updated zabbix package fixes security vulnerability
It was reported that the Zabbix frontend supported an XML data import feature, where on the server it used DOMDocument to parse the XML. By default, DOMDocument also parses the external DTD, which could allow a remote attacker to use a crafted XML file causing Zabbix to read an arbitrary local...
Fedora 20 : zabbix-2.0.12-3.fc20 (2014-7594)
Patch CVE-2014-3005 local file inclusion via XXE attack https://support.zabbix.com/browse/ZBX-8151 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Fedora Update for zabbix FEDORA-2014-7594
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for zabbix FEDORA-2014-7603
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...