Loading...

XML

Word

Printable

Type: Problem report
Resolution: Fixed
Priority: Critical
Fix Version/s: 3.0.26rc1, 4.0.6rc1, 4.2.0beta2, 4.2 (plan)
Affects Version/s: 3.0.25, 4.0.6rc1
Component/s: Server (S)
Labels:
None

Sprint:
Sprint 49 (Feb 2019)
Story Points:
0.25

It's possible to send specific network discovery contents to Zabbix server and make it to accept invalid DNS, resulting in such host being discovered:

Later if there are scripts that call HOST.DNS, for example script:

/usr/bin/traceroute {HOST.DNS}

It can open in something unexpected:

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

traceroute.png
15 kB
2019 Feb 20 17:59
echo.png
54 kB
2019 Feb 20 17:56

caused by

ZBX-12349 CVE-2017-2824 zabbix: Multiple vulnerabilities

Closed

Assignee:: Vladislavs Sokurenko
Reporter:: Vladislavs Sokurenko
Team:: Team A
Votes:: 0 Vote for this issue
Watchers:: 2 Start watching this issue

Created:: 2019 Feb 20 18:01
Updated:: 2024 Apr 10 16:58
Resolved:: 2019 Mar 26 07:03

Details

Description

Attachments

Attachments

Issue Links

Activity

People

Dates