Bug 488501
| Summary: | zabbix: multiple vulnerabilities in zabbix frontend | | |
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Vincent Danen <vdanen> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | low | | |
| Version: | unspecified | CC: | bressers, dan, jeff, leo |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | | | |
| Fixed In Version: | | Doc Type: | Bug Fix |
| Doc Text: | | Story Points: | --- |
| Clone Of: | | Environment: | |
| Last Closed: | 2010-03-22 18:15:57 UTC | Type: | --- |
Description
Vincent Danen
2009-03-04 17:37:44 UTC
I took a quick gander at the changes noted and there is a lot of noise surrounding the patches, but it doesn't look like 1.4.x is affected (which means only Fedora 10 would be affected by this), but I would appreciate a second set of eyes to verify that. This should be corrected in the 1.6.3 release when it is made available. The remote code execution is the one that worries the most as it can be done by an unauthenticated user, and magic quotes is off by default.

Jeff, I'm adding you to the CC on this as it looks like you have done most of the packaging of zabbix lately (although Dan is listed as the maintainer by koji). Thanks.

I'm working on an updated package that includes all of the post-1.6.2 patches in SVN since there isn't a specific commit that is marked as fixing the problem. I'll hopefully be able to do some testing today of the packages.

Thanks, Jeff. The svn revisions I noted are what the Gentoo devs believe are the fixes, but there is so much other stuff mixed in with those commits, it's hard to quickly pinpoint what the fixes are (which is what made it difficult to determine if 1.4.x is affected, but a lot of the stuff that has changed that _isn't_ whitespace or function renaming doesn't seem applicable to the older release).

Looks like this may indeed affect 1.4.x, judging by this post on full-disclosure: http://lists.grok.org.uk/pipermail/full-disclosure/2009-March/068274.html

If that is the case (can you verify it?), then this would also affect F9 and EPEL4, EPEL5. Thanks.

It also looks as though upstream fixes as of the advisory were incomplete: http://lists.grok.org.uk/pipermail/full-disclosure/2009-March/068318.html has more details.

This appears to be fixed by new upstream versions.