Milen Rangelov

**Name of the Vulnerable Software and Affected Versions** ZABBIX version 1.4.4 **Description** The issue allows remote attackers to cause a denial of service, consuming CPU and connections, by sending multiple `vfs.file.cksum` commands with a special device node, such as `/dev/urandom` or `/dev/zero`. **Recommendations** For ZABBIX version 1.4.4, consider restricting access to the `vfs.file.cksum` command to prevent exploitation, and apply configuration changes to limit the impact of denial-of-service attacks.

**Name of the Vulnerable Software and Affected Versions** Debian GNU/Linux (affected versions not specified) **Description** The issue allows local users to append to arbitrary files and gain privileges. This is achieved by sending ICMP Nasty Garbage (sing) and utilizing the -L option, which specifies an output log file. It's noted that this issue is only a vulnerability in limited environments, as sing is not installed setuid by default, and an administrator would need to override this default during installation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.