Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-4625

issue cause Zabbix Server and Agent crash on Linux

    XMLWordPrintable

Details

    • Incident report
    • Status: Closed
    • Major
    • Resolution: Won't fix
    • None
    • None
    • Agent (G), Server (S)
    • None
    • Zabbix Server and Agent (trunk rev.25240)
      Linux

    Description

      Linux GNU C Library has crashing issue.
      And it also affect to Zabbix.
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4051

      Following command or setting make Zabbix crash.
      I used latest trunk version (rev.25240)
      Older versions are same.

      Zabbix Agent
      Executing following command cause Zabbix Agent crash.

      $ zabbix_get -s 127.0.0.1 -k 'vfs.file.regexp[/etc/passwd,".*{10,}{10,}{10,}{10,}{10,}"]'
      

      Setting following item from WebUI has same effect.

      'vfs.file.regexp[/etc/passwd,".*{10,}{10,}{10,}{10,}{10,}"]'
      

      Zabbix Server
      Setting following trigger from WebUI and when some new data come from log[/tmp/out.log] it cause Zabbix Server crash.

      {Zabbix server:log[/tmp/out.log].regexp(".*{10,}{10,}{10,}{10,}{10,}")}=1
      

      As far as I know, no Linux distributer fix the issue about 1 year.
      Maybe no Linux distributer will fix it.
      They seems to think it is "unimportant" or application should check the input string.
      https://bugzilla.redhat.com/show_bug.cgi?id=645859#c6
      http://security-tracker.debian.org/tracker/CVE-2010-4051

      Not only glibc, eglibc has same problem.
      Debian and Ubuntu use eglibc as C Library.

      I suggest to use other regex library or add check input string to fix this problem.

      Attachments

        Activity

          People

            Unassigned Unassigned
            zalex_ua Oleksii Zagorskyi
            Votes:
            2 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: