[ZBX-3794] zabbix_agentd DoS attack with vfs.file.cksum Created: 2011 May 09 Updated: 2017 May 30 Resolved: 2011 May 16 |
|
Status: | Closed |
Project: | ZABBIX BUGS AND ISSUES |
Component/s: | Agent (G) |
Affects Version/s: | None |
Fix Version/s: | 1.8.6, 1.9.4 (alpha) |
Type: | Incident report | Priority: | Major |
Reporter: | dimir | Assignee: | dimir |
Resolution: | Fixed | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
*NIX |
Issue Links: |
|
Description |
If you feed a checksum generator a special device i. e. /dev/urandom the CPU load jumps to 100 %. Steps to reproduce on *NIX:
|
Comments |
Comment by dimir [ 2011 May 09 ] |
Reproducible in both 1.8pre and 1.9 versions. |
Comment by dimir [ 2011 May 10 ] |
RESOLVED in development branch svn://svn.zabbix.com/branches/dev/ZBX-3794 |
Comment by dimir [ 2011 May 16 ] |
Fixed in branches/1.8 (r19561), trunk (r19633). |
Comment by richlv [ 2011 May 23 ] |
seems to have caused |
Comment by Takanori Suzuki [ 2011 Nov 02 ] |
Though Zabbix SIA might already stopped to maintain 1.6.x, because this is security issue I checked this issue in Zabbix-1.6.9. |
Comment by dimir [ 2011 Nov 02 ] |
Thanks! |