[ZBX-10272] URL Redirect Created: 2016 Jan 15  Updated: 2020 Jul 16  Resolved: 2019 Feb 17

Status: Closed
Project: ZABBIX BUGS AND ISSUES
Component/s: Frontend (F)
Affects Version/s: 2.2.11
Fix Version/s: None

Type: Defect (Security) Priority: Minor
Reporter: Oliveira Lima Assignee: Zabbix Development Team
Resolution: Fixed Votes: 0
Labels: security
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: File POC_URL_redirect-131314-15012016.mp4
Issue Links:
Duplicate
duplicates ZBX-13133 Multiple security issues in frontend Closed

Description

hello ,

I would like to report a fault in the request parameter: it allows redirection to external links, which would make it possible for an attacker, using the suitability of the field with the Zabbix application, to carry out phishing attacks.

Example:

Normal request:

http://server/zabbix/index.php?request=hosts.php

Malicious request:

http://server/zabbix/index.php?request=http://fakepage/hosts.php

POC attached a video.
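As an added example that is not part of this ticket or of the Zabbix code base, the PHP below shows how a frontend can treat a `request`-style parameter as an untrusted redirect target and honour it only when it resolves to a page inside the application. The function names, the allow-list and the sample inputs are constructed for illustration; they do not reproduce the change made under ZBX-13133.

```php
<?php
declare(strict_types=1);

// Added example (not Zabbix frontend code): validate a "request"-style redirect
// target so only a relative, in-application page is ever placed in a Location
// header. Function names and the allow-list are hypothetical.

/**
 * Returns true only when $target is a relative reference to a known page.
 */
function isSafeLocalRedirect(string $target, array $allowedPages): bool
{
    // Any URL scheme (http:, https:, javascript:, data:, ...) marks an absolute
    // target: a letter followed by letters/digits/"+"/"-"/"." and then a colon.
    if (preg_match('#^[a-z][a-z0-9+.\-]*:#i', $target) === 1) {
        return false;
    }
    // Network-path references ("//host/page") and the backslash variants that
    // browsers normalise to slashes ("\\host", "/\host") also leave the site.
    if (preg_match('#^[/\\\\]{2}#', $target) === 1) {
        return false;
    }
    // Control characters (including CR/LF) could split the Location header.
    if (preg_match('/[\x00-\x1F\x7F]/', $target) === 1) {
        return false;
    }
    // parse_url() gives a second opinion: neither a scheme nor a host may appear.
    $parts = parse_url($target);
    if ($parts === false || isset($parts['scheme']) || isset($parts['host'])) {
        return false;
    }
    // Finally the page itself must be one the application knows about.
    $path = $parts['path'] ?? '';
    return in_array($path, $allowedPages, true);
}

/**
 * Chooses the redirect target: the requested page if it passes validation,
 * otherwise a fixed in-application default.
 */
function chooseRedirectTarget(?string $request, array $allowedPages, string $default = 'index.php'): string
{
    if ($request !== null && isSafeLocalRedirect($request, $allowedPages)) {
        return $request;
    }
    return $default;
}

// Constructed allow-list and sample inputs. The first two values mirror the
// normal and malicious requests from the report; the rest are other shapes
// a validator has to refuse or accept.
$allowedPages = ['hosts.php', 'dashboard.php', 'events.php'];
$samples = [
    'hosts.php',                        // normal request: allowed
    'http://fakepage/hosts.php',        // malicious request from the report: refused
    '//fakepage/hosts.php',             // scheme-relative reference: refused
    '/\\fakepage/hosts.php',            // backslash variant: refused
    "hosts.php\r\nSet-Cookie: x=1",     // header-splitting attempt: refused
    'hosts.php?filter_set=1',           // known page with a query string: allowed
    'unknown.php',                      // not on the allow-list: refused
];

foreach ($samples as $request) {
    $target = chooseRedirectTarget($request, $allowedPages);
    printf("%-40s -> %s\n", json_encode($request), $target);
}

// In a real handler the chosen value is what goes into the header, e.g.:
// header('Location: ' . chooseRedirectTarget($_GET['request'] ?? null, $allowedPages));
```

The allow-list comparison is what makes the check robust: scheme and host detection alone is easy to get subtly wrong across browsers, so the final decision rests on the path naming a page the application actually serves, and anything else falls back to a fixed default.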



Comments
Comment by Alexander Vladishev [ 2019 Feb 16 ]

Closed as duplicate of ZBX-13133.

Comment by Oliveira Lima [ 2019 Feb 17 ]

Years to answer a ticket and apparently respond wrong!?

The ticket reported by Miks Kronkalns was on the day 2017 Dec 04 15:52.

My ticket: 2016 Jan 15 18:39.

I reported it first!

Comment by Alexander Vladishev [ 2019 Feb 17 ]

I wanted to say that this problem was fixed under a different issue, so I closed your issue as a duplicate.
Well, I will close it in another way.

Comment by Alexander Vladishev [ 2019 Feb 17 ]

Fixed with ZBX-13133 in:

  • 2.2.21rc1 r75343
  • 3.0.13rc1 r75345
  • 3.2.10rc1 r75353
  • 3.4.4rc1 r75349
  • 4.0.0alpha1 (trunk) r75351

Comment by dimir [ 2019 Feb 18 ]

venon, please do not get us wrong. We respect your input and thank you for taking time and creating this well-detailed ticket. It just happened so that it was easier to fix multiple security issues in one ticket and your issue was fixed there.

Generated at Fri Apr 26 10:49:38 EEST 2024 using Jira 9.12.4#9120004-sha1:625303b708afdb767e17cb2838290c41888e9ff0.