Bug 729162 (CVE-2011-2904, CVE-2011-3263, CVE-2011-3264)
| Summary: | CVE-2011-2904 CVE-2011-3263 CVE-2011-3264 zabbix: multiple flaws in zabbix < 1.8.6 | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Vincent Danen <vdanen> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | dan, jeff, nelsonab, volker27 |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | zabbix 1.8.6 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2014-01-06 19:33:48 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 729164, 729165 | ||
| Bug Blocks: | |||
|
Description
Vincent Danen
2011-08-08 21:35:13 UTC
Created zabbix tracking bugs for this issue Affects: fedora-all [bug 729164] Affects: epel-all [bug 729165] This issue was assigned the name CVE-2011-2904. There were more issues corrected in zabbix 1.8.6, noted below: Common Vulnerabilities and Exposures assigned an identifier CVE-2011-2904 to the following vulnerability: Name: CVE-2011-2904 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2904 Assigned: 20110727 Reference: http://www.openwall.com/lists/oss-security/2011/08/08/2 Reference: http://www.openwall.com/lists/oss-security/2011/08/09/5 Reference: http://www.zabbix.com/rn1.8.6.php Reference: https://bugzilla.redhat.com/show_bug.cgi?id=729162 Reference: https://support.zabbix.com/browse/ZBX-3835 Reference: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063904.html Reference: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063884.html Reference: http://www.securityfocus.com/bid/49016 Reference: http://secunia.com/advisories/45502 Reference: http://secunia.com/advisories/45677 Reference: http://xforce.iss.net/xforce/xfdb/69025 Cross-site scripting (XSS) vulnerability in acknow.php in Zabbix before 1.8.6 allows remote attackers to inject arbitrary web script or HTML via the backurl parameter. Common Vulnerabilities and Exposures assigned an identifier CVE-2011-3263 to the following vulnerability: Name: CVE-2011-3263 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3263 Assigned: 20110819 Reference: http://www.zabbix.com/rn1.8.6.php Reference: https://support.zabbix.com/browse/ZBX-3794 zabbix_agentd in Zabbix before 1.8.6 and 1.9.x before 1.9.4 allows context-dependent attackers to cause a denial of service (CPU consumption) by executing the vfs.file.cksum command for a special device, as demonstrated by the /dev/urandom device. Common Vulnerabilities and Exposures assigned an identifier CVE-2011-3264 to the following vulnerability: Name: CVE-2011-3264 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3264 Assigned: 20110819 Reference: http://www.zabbix.com/rn1.8.6.php Reference: https://support.zabbix.com/browse/ZBX-3840 Zabbix before 1.8.6 allows remote attackers to obtain sensitive information via an invalid srcfld2 parameter to popup.php, which reveals the installation path in an error message. Looks like we're ok on the Fedora side (1.8.6 in F14/F15, in testing for F16), and EPEL6 has 1.8.6 in testing as well. I'm unsure whether or not all of these flaws affect EPEL4/5 though; it's at 1.4.6/1.4.7. Only EPEL 5 should be left: https://support.zabbix.com/browse/ZBX-3840?focusedCommentId=74131#comment-74131 zabbix 1.4.7 was retired and blocked in EPEL 5, as there is no upstream support for this version. This was the only remaining version potentially or actually prone to this issue, thus closing. Users are encouraged to update to zabbix20 or later. |