Two vulnerabilities in the Zabbix server were reported by Cisco TALOS.

CVE-2017-2824 / TALOS-2017-0325: Zabbix Server Active Proxy Trapper Remote Code Execution Vulnerability

An exploitable code execution vulnerability exists in the trapper command functionality of Zabbix Server 2.4.X. A specially crafted set of packets can cause a command injection resulting in remote code execution. An attacker can make requests from an active Zabbix Proxy to trigger this vulnerability.

http://www.talosintelligence.com/reports/TALOS-2017-0325/

CVE-2017-2825 / TALOS-2017-0326: Zabbix Proxy Server SQL Database Write Vulnerability

An exploitable database write vulnerability exists in the trapper functionality of Zabbix Server 2.4.X. Specifically crafted trapper packets can pass database logic checks, resulting in database writes. An attacker can set up a man-in-the-middle server to alter trapper requests made between an active Zabbix proxy and the server to trigger this vulnerability.

http://www.talosintelligence.com/reports/TALOS-2017-0326/
Created zabbix tracking bugs for this issue:
Affects: epel-6 [bug 1448394]
Affects: openshift-1 [bug 1448396]

Created zabbix20 tracking bugs for this issue:
Affects: epel-all [bug 1448393]

Created zabbix22 tracking bugs for this issue:
Affects: epel-all [bug 1448395]
Upstream issues: https://support.zabbix.com/browse/ZBX-12075
and https://support.zabbix.com/browse/ZBX-12074