CVE-2006-6692

Name of the Vulnerable Software and Affected Versions: zabbix versions prior to 20061006

Description: The issue concerns multiple format string vulnerabilities that could allow attackers to cause a denial of service, potentially leading to an application crash, and possibly execute arbitrary code. This is achieved through format string specifiers in information that would be recorded in the system log using functions such as zabbix log or zabbix syslog.

Recommendations: For versions prior to 20061006, update to a version released after 20061006 to resolve the issue. As a temporary workaround, consider restricting the use of zabbix log and zabbix syslog functions until a patch is available.