10 matches found
Ubuntu: Security Advisory (USN-4767-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4767-1: Zabbix vulnerabilities
Fu Chuang discovered that Zabbix did not properly parse IPs. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. CVE-2020-11800 It was discovered that Zabbix incorrectly handled certain...
Exploit for SQL Injection in Zabbix
This is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for web application security testing. The primary CVE IDs present in the context are CVE-2016-10134, CVE-2017-2824, and CVE-2020-11800. The target product/service or framework is not explicitly...
Exploit for SQL Injection in Zabbix
This is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for web application security testing. The primary CVEs mentioned in the repository are CVE-2016-10134, CVE-2017-2824, and CVE-2020-11800. The target product/service or framework is not explicitl...
FreeBSD : Zabbix -- Remote code execution (5df8bd95-8290-11e7-93af-005056925db4)
mitre reports : An exploitable code execution vulnerability exists in the trapper command functionality of Zabbix Server 2.4.X. A specially crafted set of packets can cause a command injection resulting in remote code execution. An attacker can make requests from an active Zabbix Proxy to trigger...
Debian DSA-3937-1 : zabbix - security update
Lilith Wyatt discovered two vulnerabilities in the Zabbix network monitoring system which may result in execution of arbitrary code or database writes by malicious proxies. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
Fedora 25 : zabbix (2017-63aca509fb)
http://www.zabbix.com/rn3.0.8 - http://www.zabbix.com/rn3.0.9 - https://www.zabbix.com/documentation/3.0/manual/introduction/whatsnew308 - https://www.zabbix.com/documentation/3.0/manual/introduction/whatsnew309 Note that Tenable Network Security has extracted the preceding description block...
CVE-2017-2824
CVE-2017-2824 is an exploitable code execution in Zabbix Server 2.4.x via the trapper command. A crafted set of packets from an active Zabbix Proxy can trigger a command injection leading to remote code execution. Connected documents include exploit repositories for Zabbix vulnerabilities (e.g., ...
Zabbix Server Active Proxy Trapper Command Injection (CVE-2017-2824)
A command injection vulnerability exists in Zabbix. The vulnerability is due to improper validation of user supplied input within the Trapper functionality of the server when the Auto-discovery or Auto-registration features are enabled. A remote, unauthenticated attacker could exploit this...
Zabbix blast remote code execution vulnerability, a database written in a high-risk vulnerability-vulnerability warning-the black bar safety net
! About Zabbix zabbix is a WEB-based interface to provide distributed system monitoring and network monitoring capabilities of enterprise-class open source solutions. zabbix to monitor various network parameters, ensure that the server system of the security operations;and to provide flexible...