PT-2006-7294 · Zabbix · Zabbix
Max Vozeler
+1
·
Publicado
2006-12-21
·
Atualizado
2011-03-08
·
CVE-2006-6693
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
Zabbix versions prior to 20061006
Description:
The issue is related to multiple buffer overflows that can cause a denial of service, potentially leading to application crashes, and may allow the execution of arbitrary code. This is achieved by sending long strings to the
zabbix log and zabbix syslog functions.Recommendations:
For versions prior to 20061006, update to a version released after 20061006 to resolve the issue. As a temporary workaround, consider restricting input to the
zabbix log and zabbix syslog functions to prevent long strings from being processed.Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Zabbix