Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-7091

SQL injection vulnerabilities in the API and frontend

    Details

      Description

      -------------------------
      Vulnerability description
      -------------------------

      Zabbix frontend and API are vulnerable to SQL injection attacks. The vulnerabilities allow an attacker to gain access to the database and execute arbitrary SQL statements.

      Please use CVE-2013-5743 to refer to this vulnerability.

      -------
      Details
      -------

      (1) The following API methods and parameters have have been reported to be vulnerable:

      alert.get: time_from, time_till;
      event.get: object, source, eventid_from, eventid_till;
      graphitem.get: parameter: type;
      graph.get: parameter: type;
      graphprototype.get: parameter: type;
      history.get: parameter: time_from, time_till;
      trigger.get: parameter: lastChangeSince, lastChangeTill, min_severity;
      triggerprototype.get: parameter: min_severity;
      usergroup.get: parameter: status.
      This issue has been reported by Bernhard Schildendorfer from SEC Consult.

      (2) Code responsible for adding objects such as graphs or maps to favorites is also vulnerable to this type of attacks. This can be exploited on the "Dashboard", "Graphs", "Maps", "Latest data" and "Screens" pages in the "Monitoring" section.

      This issue has been reported by Lincoln, a member of Corelan Team.

      -----------------
      Affected versions
      -----------------

      All of the Zabbix versions are in some way vulnerable to this type of attacks.

      --------------
      Fixed versions
      --------------

      These vulnerabilities have been fixed in the latest releases of Zabbix. Additionally, an internal security audit was performed and similar vulnerabilities have been fixed in other areas.

      The fix is available in the following Zabbix releases
      2.0.9
      1.8.18

      Additionally, patches are available for the following Zabbix versions:
      2.0.8
      1.8.17
      1.8.2

        Attachments

        1. ZBX-7091-1.8.18rc1.patch
          156 kB
        2. ZBX-7091-1.8.2.patch
          234 kB
        3. ZBX-7091-2.0.8.patch
          81 kB
        4. ZBX-7091-2.0.9rc1.patch
          81 kB
        5. ZBX-7091-2.1.7.patch
          96 kB

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              jelisejev Pavels Jelisejevs (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: