vendor:
Zabbix Server
by:
Nicob
7.5
CVSS
HIGH
Remote command execution, Remote SQL execution, Remote DoS (NULL deref)
78, 89, 399
CWE
Product Name: Zabbix Server
Affected Version From: 1.6.2006
Affected Version To: 1.8
Patch Exists: YES
Related CWE: N/A
CPE: a:zabbix:zabbix_server
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009
Zabbix Server : Multiple remote vulnerabilities
Zabbix Server is a network management system application designed to monitor and track the status of various network services, servers, and other network hardware. Multiple vulnerabilities were discovered in Zabbix Server, including remote command execution, remote SQL execution, and remote DoS (NULL deref). The faulty source code for each vulnerability was identified and patched versions were released. The changelog entries for each vulnerability are also provided.
Mitigation:
Upgrade to the latest version of Zabbix Server.