The process_trap function in trapper/trapper.c in Zabbix Server prior to 1.6.6 allows remote malicious users to cause a denial of service (crash) via a crafted request with data that lacks an expected : (colon) separator, which triggers a NULL pointer dereference.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zabbix zabbix 1.1.2 |
||
zabbix zabbix 1.4.4 |
||
zabbix zabbix 1.4.2 |
||
zabbix zabbix 1.1.5 |
||
zabbix zabbix 1.1.4 |
||
zabbix zabbix |
||
zabbix zabbix 1.1.3 |
||
zabbix zabbix 1.4.3 |