Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1353

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-1353
Last Modified 07 Mar 2011 10:06:45
Published 17 Mar 2008 01:44:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1353

Summary

zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of service (CPU and connection consumption) via multiple vfs.file.cksum commands with a special device node such as /dev/urandom or /dev/zero.

Vulnerable Systems

Application

  • Zabbix 1.1.2

  • Zabbix 1.1.3

  • Zabbix 1.1.4

  • Zabbix 1.1.5

  • Zabbix 1.4.2

  • Zabbix 1.4.3


References

XF - zabbix-zabbixagentd-dos(41196)

VUPEN - ADV-2008-0878

BID - 28244

BUGTRAQ - 20080313 Zabbix (zabbix_agentd) denial of service

SECUNIA - 29383

SREASON - 3747


Last Updated: 27 May 2016 10:47:07