Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 APP:MISC:ZABBIC-NODE-PROCESS-CE

Severity

 Medium

Recommended

 Yes

Recommended Action

 Drop

Category

 APP

Keywords

 Zabbix NodeProcess Command Remote Command Execution

Release Date

 2015/06/12

Update Number

 2504

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

APP: Zabbix NodeProcess Command Remote Command Execution


This signature detects attempts to exploit a known vulnerability against Zabbix. A successful exploit can lead to remote command execution.

Extended Description

ZABBIX is prone to a remote command-execution vulnerability because the software fails to restrict access to sensitive commands. Successful attacks can compromise the affected software and possibly the computer. Versions prior to ZABBIX 1.6.8 are vulnerable.

Affected Products

  • Red Hat Fedora 11
  • Red Hat Fedora 12
  • ZABBIX 1.6.2
  • ZABBIX 1.6.3
  • ZABBIX 1.6.5
  • ZABBIX 1.6.6
  • ZABBIX 1.6.7

References

  • BugTraq: 37989
  • CVE: CVE-2009-4498

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out