oss-sec mailing list archives
Re: CVE Request -- Zabbix v1.8.2 and v.1.6.9
From: Tomas Hoger <thoger () redhat com>
Date: Sat, 3 Apr 2010 13:44:16 +0200
On Fri, 2 Apr 2010 22:28:10 +0200 Moritz Muehlenhoff <jmm () inutil org> wrote:
a, Zabbix <= 1.8.1 SQL Injection [1] http://seclists.org/fulldisclosure/2010/Apr/1 [2] http://www.zabbix.com/rn1.8.2.phpUse CVE-2010-1144 for this oneJosh, in a later mail you've assigned the same ID to a libnids issue:
Looks like a wrong id used in libnids mail as, according to notes, the assignment should be: CVE-2010-0751 libnids v1.24 -- Null pointer dereference CVE-2010-1144 Zabbix <= 1.8.1 SQL Injection CVE-2010-1145 Zabbix remote commands execution in Zabbix Server -- Tomas Hoger / Red Hat Security Response Team
Current thread:
- CVE Request -- Zabbix v1.8.2 and v.1.6.9 Jan Lieskovsky (Apr 01)
- Re: CVE Request -- Zabbix v1.8.2 and v.1.6.9 Josh Bressers (Apr 01)
- RE: CVE Request -- Zabbix v1.8.2 and v.1.6.9 Nicolas GREGOIRE (Apr 02)
- Re: CVE Request -- Zabbix v1.8.2 and v.1.6.9 Moritz Muehlenhoff (Apr 02)
- Re: CVE Request -- Zabbix v1.8.2 and v.1.6.9 Tomas Hoger (Apr 03)
- Re: CVE Request -- Zabbix v1.8.2 and v.1.6.9 Nicob (Apr 04)
- Re: CVE Request -- Zabbix v1.8.2 and v.1.6.9 Steven M. Christey (Apr 06)
- Re: CVE Request -- Zabbix v1.8.2 and v.1.6.9 Josh Bressers (Apr 01)