[ZBX-16019] fix host.conn expansion in global scripts Created: 2018 Dec 13  Updated: 2024 Apr 10  Resolved: 2019 Apr 30

Status: Closed
Project: ZABBIX BUGS AND ISSUES
Component/s: Server (S)
Affects Version/s: None
Fix Version/s: 3.0.27rc1, 4.0.7rc1, 4.2.1rc1, 4.4.0alpha1, 4.4 (plan)

Type: Defect (Security) Priority: Trivial
Reporter: Rostislav Palivoda Assignee: Andrejs Kozlovs
Resolution: Fixed Votes: 0
Labels: security, vulnerability
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Team: Team A
Story Points: 1.5

Description

Currently the HOST.CONN macro is used in the Ping script (global script), but it can be used to inject another script into Ping like so:

  1. Set the host IP to {$MACRO}
  2. Set the macro to "127.0.0.1; cat /etc/zabbix/zabbix_server.conf"

Zabbix server should validate the expanded HOST.CONN macro and not execute the global script if the macro expands into something that is not an IP address / domain name.
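The two-step expansion described above, and the validation the report asks for, as an added Python example that is not part of this issue and not Zabbix's own (the real fix lives in the C server code referenced in the revisions below). It assumes the Ping global script is a shell one-liner of the shape `ping -c 3 {HOST.CONN} 2>&1` (a constructed template, not quoted from the product), a simplified user-macro syntax `{$NAME}` without context, and that a DNS name means RFC 1123 labels. The point it makes is that the check must run on the fully expanded value: the raw host field `{$MACRO}` looks harmless, and only after the user macro is substituted does the `;` appear.

```python
import ipaddress
import re

# Constructed template standing in for the Zabbix "Ping" global script; the exact
# default text is an assumption, not taken from this issue.
PING_TEMPLATE = "ping -c 3 {HOST.CONN} 2>&1"

# RFC 1123 host-name label: 1-63 chars, letters/digits/hyphen, no leading or
# trailing hyphen. Whether '_' should also be accepted is a policy choice.
_LABEL_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")

# Simplified user-macro reference, e.g. "{$MACRO}" (context macros not modelled).
_USER_MACRO_RE = re.compile(r"^\{\$[A-Z0-9_.]+\}$")


def is_ip_address(value: str) -> bool:
    """True for a literal IPv4 or IPv6 address (no zone id, no CIDR suffix)."""
    try:
        ipaddress.ip_address(value)
    except ValueError:
        return False
    return True


def is_dns_name(value: str) -> bool:
    """True for a syntactically valid DNS host name (one or more RFC 1123 labels)."""
    if not value or len(value) > 253:
        return False
    name = value[:-1] if value.endswith(".") else value  # tolerate trailing dot
    return all(_LABEL_RE.match(label) for label in name.split("."))


def is_valid_host_conn(value: str) -> bool:
    """The check the issue asks for: expanded {HOST.CONN} must be an IP or a DNS name."""
    return is_ip_address(value) or is_dns_name(value)


def resolve_host_conn(host_ip: str, user_macros: dict) -> str:
    """Step 1 of the report: the host IP field may itself hold a user macro {$NAME}
    that is replaced by the macro's value before the global script runs.
    user_macros is keyed by the full reference, e.g. {"{$MACRO}": "value"}."""
    if _USER_MACRO_RE.match(host_ip):
        return user_macros.get(host_ip, host_ip)
    return host_ip


def build_command_vulnerable(host_ip: str, user_macros: dict) -> str:
    """Pre-fix behaviour: whatever the macro chain expands to is spliced into the
    shell command line verbatim, so ';' ends 'ping' and starts a second command."""
    conn = resolve_host_conn(host_ip, user_macros)
    return PING_TEMPLATE.replace("{HOST.CONN}", conn)


def global_script_allowed(host_ip: str, user_macros: dict) -> bool:
    """Post-fix behaviour: validate the fully expanded value, not the raw field."""
    return is_valid_host_conn(resolve_host_conn(host_ip, user_macros))


def build_command_validated(host_ip: str, user_macros: dict) -> str:
    """Expand only when the expanded value passed validation; otherwise refuse."""
    conn = resolve_host_conn(host_ip, user_macros)
    if not is_valid_host_conn(conn):
        raise ValueError("refusing to run global script: {HOST.CONN} expanded to %r" % conn)
    return PING_TEMPLATE.replace("{HOST.CONN}", conn)


if __name__ == "__main__":
    # Constructed inputs reproducing the report: host IP = {$MACRO}, macro = payload.
    macros = {"{$MACRO}": "127.0.0.1; cat /etc/zabbix/zabbix_server.conf"}
    print("before fix:", build_command_vulnerable("{$MACRO}", macros))
    print("after fix, allowed:", global_script_allowed("{$MACRO}", macros))
    print("after fix, benign:", build_command_validated("{$MACRO}", {"{$MACRO}": "127.0.0.1"}))
```

Validating the expanded value is the right layer for this bug, but it is not a substitute for keeping user-controlled strings out of `sh -c` altogether; a global script that passed the host as a separate argv element to `ping` would never have treated `;` as a separator in the first place.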



Comments
Comment by Alexander Vladishev [ 2018 Dec 14 ]

HOST.IP, IPADDRESS and HOST.DNS must also be validated

Comment by Andrejs Kozlovs [ 2019 Apr 12 ]

Fixed in:

  • 3.0.27rc1 r92564
  • 4.0.7rc1 r92567
  • 4.2.1rc1 r92572
  • 4.4.0alpha1 (trunk) r92574
Generated at Fri Apr 19 09:48:41 EEST 2024 using Jira 9.12.4#9120004-sha1:625303b708afdb767e17cb2838290c41888e9ff0.