[ZBX-4385] Zabbix <= 1.8.4 SQL Injection Created: 2011 Nov 24 Updated: 2017 May 30 Resolved: 2011 Nov 30 |
|
Status: | Closed |
Project: | ZABBIX BUGS AND ISSUES |
Component/s: | None |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Incident report | Priority: | Critical |
Reporter: | Márcio Almeida | Assignee: | Unassigned |
Resolution: | Fixed | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
=============================================
I. VULNERABILITY II. BACKGROUND III. INTRODUCTION IV. VULNERABLE CODE File popup.php line 1513: $sql = 'SELECT DISTINCT hostid,host '. V. PROOF OF CONCEPT Below is a PoC request that retrieves all logins and MD5 password hashes of zabbix in MySQL Database: VI. BUSINESS IMPACT An important remark regards the fact that the version 1.8.4 of zabbix VII. SYSTEMS AFFECTED VIII. SOLUTION IX. REFERENCES X. CREDITS XI. ACKNOWLEDGEMENTS XII. LEGAL NOTICES |
Comments |
Comment by richlv [ 2011 Nov 24 ] |
if this is fixed in latest versions, is there any need for additional action ? |
Comment by Márcio Almeida [ 2011 Nov 24 ] |
Yeah... Providing the fixed version in the reppositories of the apt-get, yum, etc... |
Comment by richlv [ 2011 Nov 24 ] |
that is done by corresponding packagers, i guess such reports should be created against specific distributions |
Comment by Márcio Almeida [ 2011 Nov 24 ] |
"i guess such reports should be created against specific distributions" Regarding the statement above, you mean we should report this vulnerability being more specific towards the distributions involved? Like, for example, Ubuntu 11.10, Ubuntu 11.04, Ubuntu 10.10, etc? |
Comment by richlv [ 2011 Nov 24 ] |
zabbix does not control distributions - which version of zabbix they package is up to their packager/guidelines/etc discretion |
Comment by crocro [ 2011 Nov 25 ] |
Marcio, POC does not work. In POC you say "srctbl=applications" but source code is relate to "proxies". Can you report more info to test the issue? Authentication required? My zabbix server say "no permissiones". |
Comment by richlv [ 2011 Nov 30 ] |
as the issue itself says the problem is already fixed, closing |