DSA-1420-1 zabbix -- programming error

Debian Security Advisory

DSA-1420-1 zabbix -- programming error

Date Reported:

05 Dec 2007

Affected Packages:

zabbix

Vulnerable:

Yes

Security database references:

In the Debian bugtracking system: Bug 452682.
In Mitre's CVE dictionary: CVE-2007-6210.

More information:

Bas van Schaik discovered that the agentd process of Zabbix, a network monitor system, may run user-supplied commands as group id root, not zabbix, which may lead to a privilege escalation.

zabbix is not included in the oldstable distribution (sarge).

For the stable distribution (etch), this problem has been fixed in version 1:1.1.4-10etch4.

We recommend that you upgrade your zabbix packages.

Fixed in:

Debian GNU/Linux 4.0 (etch)

Source:

http://security.debian.org/pool/updates/main/z/zabbix/zabbix_1.1.4-10etch4.dsc

http://security.debian.org/pool/updates/main/z/zabbix/zabbix_1.1.4-10etch4.diff.gz

http://security.debian.org/pool/updates/main/z/zabbix/zabbix_1.1.4.orig.tar.gz

Architecture-independent component:

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-frontend-php_1.1.4-10etch4_all.deb

Alpha:

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-server-mysql_1.1.4-10etch4_alpha.deb

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-agent_1.1.4-10etch4_alpha.deb

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-server-pgsql_1.1.4-10etch4_alpha.deb

AMD64:

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-agent_1.1.4-10etch4_amd64.deb

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-server-mysql_1.1.4-10etch4_amd64.deb

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-server-pgsql_1.1.4-10etch4_amd64.deb

ARM:

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-agent_1.1.4-10etch4_arm.deb

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-server-mysql_1.1.4-10etch4_arm.deb

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-server-pgsql_1.1.4-10etch4_arm.deb

HP Precision:

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-agent_1.1.4-10etch4_hppa.deb

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-server-mysql_1.1.4-10etch4_hppa.deb

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-server-pgsql_1.1.4-10etch4_hppa.deb

Big-endian MIPS:

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-server-mysql_1.1.4-10etch4_mips.deb

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-server-pgsql_1.1.4-10etch4_mips.deb

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-agent_1.1.4-10etch4_mips.deb

Little-endian MIPS:

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-agent_1.1.4-10etch4_mipsel.deb

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-server-pgsql_1.1.4-10etch4_mipsel.deb

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-server-mysql_1.1.4-10etch4_mipsel.deb

PowerPC:

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-server-pgsql_1.1.4-10etch4_powerpc.deb

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-server-mysql_1.1.4-10etch4_powerpc.deb

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-agent_1.1.4-10etch4_powerpc.deb

IBM S/390:

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-server-mysql_1.1.4-10etch4_s390.deb

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-agent_1.1.4-10etch4_s390.deb

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-server-pgsql_1.1.4-10etch4_s390.deb

Sun Sparc:

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-server-pgsql_1.1.4-10etch4_sparc.deb

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-agent_1.1.4-10etch4_sparc.deb

http://security.debian.org/pool/updates/main/z/zabbix/zabbix-server-mysql_1.1.4-10etch4_sparc.deb

MD5 checksums of the listed files are available in the original advisory.