7 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-42332
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft an SNMP trap with additional lines of information and have forg...
Fedora: Security Advisory (FEDORA-2024-bcdea6e995)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 40 : zabbix (2024-bcdea6e995)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-bcdea6e995 advisory. Update to 6.0.36 CVE-2024-42330 rhbz2329219, CVE-2024-42332 rhbz2329222, CVE-2024-42333 rhbz2329225 Tenable has extracted the preceding description...
Debian: Security Advisory (DLA-3984-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-42332
The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft an SNMP trap with additional lines of information and have forged data show in the Zabbix UI. This attack requires SNMP auth to be off and/or the attacker to know the community/auth details. The attac...
CVE-2024-42332 New line injection in Zabbix SNMP traps
The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft an SNMP trap with additional lines of information and have forged data show in the Zabbix UI. This attack requires SNMP auth to be off and/or the attacker to know the community/auth details. The attac...
CVE-2024-42332 New line injection in Zabbix SNMP traps
The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft an SNMP trap with additional lines of information and have forged data show in the Zabbix UI. This attack requires SNMP auth to be off and/or the attacker to know the community/auth details. The attac...