oss-sec mailing list archives
Re: CVE Request -- Zabbix v1.8.2 and v.1.6.9
From: Josh Bressers <bressers () redhat com>
Date: Thu, 1 Apr 2010 15:31:18 -0400 (EDT)
----- "Jan Lieskovsky" <jlieskov () redhat com> wrote:
Hi Steve, vendors, though April the First today, this doesn't seem to be a joke: a, Zabbix <= 1.8.1 SQL Injection [1] http://seclists.org/fulldisclosure/2010/Apr/1 [2] http://www.zabbix.com/rn1.8.2.php
Use CVE-2010-1144 for this one
b, also on 25 March 2010, Zabbix v1.6.9 was released: [3] http://www.zabbix.com/rn1.6.9.php fixing one security issue -- remote commands execution in Zabbix Server. [4] https://support.zabbix.com/browse/ZBX-1030
Use CVE-2010-1145 for this one Thanks -- JB
Current thread:
- CVE Request -- Zabbix v1.8.2 and v.1.6.9 Jan Lieskovsky (Apr 01)
- Re: CVE Request -- Zabbix v1.8.2 and v.1.6.9 Josh Bressers (Apr 01)
- RE: CVE Request -- Zabbix v1.8.2 and v.1.6.9 Nicolas GREGOIRE (Apr 02)
- Re: CVE Request -- Zabbix v1.8.2 and v.1.6.9 Moritz Muehlenhoff (Apr 02)
- Re: CVE Request -- Zabbix v1.8.2 and v.1.6.9 Tomas Hoger (Apr 03)
- Re: CVE Request -- Zabbix v1.8.2 and v.1.6.9 Nicob (Apr 04)
- Re: CVE Request -- Zabbix v1.8.2 and v.1.6.9 Steven M. Christey (Apr 06)
- Re: CVE Request -- Zabbix v1.8.2 and v.1.6.9 Josh Bressers (Apr 01)