Joined: 12 May 2004
|Posted: Mon Nov 25, 2013 6:26 pm Post subject: [ GLSA 201311-15 ] Zabbix: Multiple vulnerabilities
|Gentoo Linux Security Advisory
Title: Zabbix: Multiple vulnerabilities (GLSA 201311-15)
Date: November 25, 2013
Bug(s): #312875, #394497, #428372, #452878, #486696
Multiple vulnerabilities have been found in Zabbix, possibly
leading to SQL injection attacks, Denial of Service, or information
Zabbix is software for monitoring applications, networks, and servers.
Vulnerable: < 2.0.9_rc1-r2
Unaffected: >= 2.0.9_rc1-r2
Architectures: All supported architectures
Multiple vulnerabilities have been discovered in Zabbix. Please review
the CVE identifiers referenced below for details.
A remote attacker may be able to execute arbitrary SQL statements, cause
a Denial of Service condition, or obtain sensitive information.
There is no known workaround at this time.
All Zabbix users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose