oss-sec mailing list archives
CVE Request -- Zabbix v1.8.2 and v.1.6.9
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Thu, 01 Apr 2010 13:11:09 +0200
Hi Steve, vendors, though April the First today, this doesn't seem to be a joke: a, Zabbix <= 1.8.1 SQL Injection [1] http://seclists.org/fulldisclosure/2010/Apr/1 [2] http://www.zabbix.com/rn1.8.2.php b, also on 25 March 2010, Zabbix v1.6.9 was released: [3] http://www.zabbix.com/rn1.6.9.php fixing one security issue -- remote commands execution in Zabbix Server. [4] https://support.zabbix.com/browse/ZBX-1030 Could you allocate CVE ids for these two issues? Thanks && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Current thread:
- CVE Request -- Zabbix v1.8.2 and v.1.6.9 Jan Lieskovsky (Apr 01)
- Re: CVE Request -- Zabbix v1.8.2 and v.1.6.9 Josh Bressers (Apr 01)
- RE: CVE Request -- Zabbix v1.8.2 and v.1.6.9 Nicolas GREGOIRE (Apr 02)
- Re: CVE Request -- Zabbix v1.8.2 and v.1.6.9 Moritz Muehlenhoff (Apr 02)
- Re: CVE Request -- Zabbix v1.8.2 and v.1.6.9 Tomas Hoger (Apr 03)
- Re: CVE Request -- Zabbix v1.8.2 and v.1.6.9 Nicob (Apr 04)
- Re: CVE Request -- Zabbix v1.8.2 and v.1.6.9 Steven M. Christey (Apr 06)
- Re: CVE Request -- Zabbix v1.8.2 and v.1.6.9 Josh Bressers (Apr 01)