Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
APP:MISC:ZABBIC-NODE-PROCESS-CE |
|---|---|
Severity |
Minor |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Zabbix NodeProcess Command Remote Command Execution |
Release Date |
2015/06/12 |
Update Number |
2504 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
APP: Zabbix NodeProcess Command Remote Command Execution
This signature detects attempts to exploit a known vulnerability against Zabbix. A successful exploit can lead to remote command execution.
Extended Description
ZABBIX is prone to a remote command-execution vulnerability because the software fails to restrict access to sensitive commands. Successful attacks can compromise the affected software and possibly the computer. Versions prior to ZABBIX 1.6.8 are vulnerable.
Affected Products
- Red_hat fedora 11
- Red_hat fedora 12
- Zabbix zabbix 1.6.2
- Zabbix zabbix 1.6.3
- Zabbix zabbix 1.6.5
- Zabbix zabbix 1.6.6
- Zabbix zabbix 1.6.7
References
- BugTraq: 37989
- CVE: CVE-2009-4498
- URL: https://support.zabbix.com/browse/ZBX-1030