Published: 31/12/2009 Updated: 25/05/2010

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 690

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

The node_process_command function in Zabbix Server prior to 1.8 allows remote malicious users to execute arbitrary commands via a crafted request.

Vulnerable Product	Search on Vulmon	Subscribe to Product
zabbix zabbix 1.1.2
zabbix zabbix 1.6.6
zabbix zabbix 1.7
zabbix zabbix 1.1.4
zabbix zabbix 1.1.3
zabbix zabbix 1.7.2
zabbix zabbix 1.7.1
zabbix zabbix 1.4.2
zabbix zabbix 1.1.5
zabbix zabbix
zabbix zabbix 1.7.3
zabbix zabbix 1.4.3
zabbix zabbix 1.6.7
zabbix zabbix 1.6.8

Zabbix Server : Multiple remote vulnerabilities From: Nicob <nicob () nicob net> Date: Sun, 13 Dec 2009 16:28:35 +0100 From Wikipedia : "Zabbix is a network management system application [] designed to monitor and track the status of various network services, servers, and other network hardware" [Zabbix Server : Remote command executio ...

## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # web site for more information on licensing and terms of use # metasploitcom/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Explo ...

CWE-78 https://support.zabbix.com/browse/ZBX-1030 http://www.vupen.com/english/advisories/2009/3514 http://www.securityfocus.com/archive/1/508436/30/60/threaded http://secunia.com/advisories/37740 http://www.openwall.com/lists/oss-security/2010/04/02/1 https://nvd.nist.gov https://www.exploit-db.com/exploits/10432/

CVE-2009-4498

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect