Details

    • Patch request
    • Status: Closed
    • Trivial
    • Resolution: Declined
    • Appliance

    Description

      Hello,

      In the scripts menu in the administration page, the app hasn't got any filter at all.

      It's possible for a user with sufficient rights to make the Zabbix app act like a C&C and get a shell on any host he wants. That's not very secure.

      I found many Zabbix servers with the nmap binary accessible in sudo without a password for the zabbix user. The result is a reverse shell via the script launched in the app on the host, and a privilege escalation with the common exploitation of nmap with a crafted NSE script launched as root (sudo) to get a root shell on the instance.
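      Added here as a defender-side example; it is not part of the issue above and not Zabbix's own code. The report's second point rests on sudoers rules that let the zabbix service account run nmap without a password, so the audit below reads sudoers text and flags every NOPASSWD rule for a given user that grants nmap or ALL. The sudoers content, the user name and the function names are constructed for the example; on a real host you would pipe in /etc/sudoers and /etc/sudoers.d/* instead.

```shell
#!/bin/sh
# Added example, not from the tracker issue or the Zabbix project.
# Defender-side audit: list sudoers rules that give a service account
# (default: zabbix) passwordless sudo for nmap, or for ALL commands.
# The sudoers text below is constructed for the example; on a real host
# feed it the contents of /etc/sudoers and /etc/sudoers.d/*.

SAMPLE_SUDOERS='# constructed sample sudoers content
Defaults        env_reset
root    ALL=(ALL:ALL) ALL
%admin  ALL=(ALL) ALL
zabbix  ALL=(ALL) NOPASSWD: /usr/bin/nmap
zabbix  ALL=(ALL) NOPASSWD: /usr/bin/systemctl restart zabbix-agent
nagios  ALL=(ALL) NOPASSWD:ALL'

# Reads sudoers text on stdin and prints each rule for user $1 that contains
# NOPASSWD and grants nmap or ALL. Exit status 0 if at least one was found,
# 1 otherwise. Comment lines are skipped.
find_risky_sudo_rules() {
    user="${1:-zabbix}"
    grep -v '^[[:space:]]*#' | awk -v u="$user" '
        $1 == u && /NOPASSWD:/ && ($0 ~ /nmap/ || $0 ~ /NOPASSWD:[[:space:]]*ALL/) {
            print
            found = 1
        }
        END { exit found ? 0 : 1 }'
}

# Convenience wrapper: number of risky rules for user $1 in the sample.
count_risky_sample_rules() {
    printf '%s\n' "$SAMPLE_SUDOERS" | find_risky_sudo_rules "$1" | wc -l | tr -d ' '
}

# Stand-alone run: audit the constructed sample for the zabbix user.
printf '%s\n' "$SAMPLE_SUDOERS" | find_risky_sudo_rules zabbix
```

      In the sample, the zabbix user's nmap rule is reported while its narrowly scoped systemctl rule is not; the nagios NOPASSWD:ALL rule is only reported when that user is audited. Any rule the audit prints is one to remove or restrict with visudo, since a binary such as nmap that can load user-supplied scripts should never be runnable as root by a monitoring account.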

          People

            zalex_ua Oleksii Zagorskyi
            ArianeBlow ArianeBlow