Details of VAR-201112-0335

ID

VAR-201112-0335

CVE

CVE-2011-4674

TITLE

ZABBIX 'only_hostid' parameter SQL injection vulnerability

Trust: 0.9

sources: CNVD: CNVD-2011-5067 // BID: 50803

DESCRIPTION

SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, and possibly other versions before 1.8.9, allows remote attackers to execute arbitrary SQL commands via the only_hostid parameter. ZABBIX is a distributed network monitoring system with CS structure. Because applications fail to adequately filter user-provided data before being used in SQL queries, an attacker can exploit a vulnerability to compromise an application, access or modify data, or exploit potential vulnerabilities in the underlying database. ZABBIX is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. ZABBIX versions 1.8.3 and 1.8.4 are vulnerable. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201311-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Zabbix: Multiple vulnerabilities Date: November 25, 2013 Bugs: #312875, #394497, #428372, #452878, #486696 ID: 201311-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Zabbix, possibly leading to SQL injection attacks, Denial of Service, or information disclosure. Background ========== Zabbix is software for monitoring applications, networks, and servers. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-analyzer/zabbix < 2.0.9_rc1-r2 >= 2.0.9_rc1-r2 Description =========== Multiple vulnerabilities have been discovered in Zabbix. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker may be able to execute arbitrary SQL statements, cause a Denial of Service condition, or obtain sensitive information. Workaround ========== There is no known workaround at this time. Resolution ========== All Zabbix users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=net-analyzer/zabbix-2.0.9_rc1-r2" References ========== [ 1 ] CVE-2010-1277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1277 [ 2 ] CVE-2011-2904 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2904 [ 3 ] CVE-2011-3263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3263 [ 4 ] CVE-2011-4674 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4674 [ 5 ] CVE-2012-3435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3435 [ 6 ] CVE-2013-1364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1364 [ 7 ] CVE-2013-5572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5572 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201311-15.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

Trust: 2.7

sources: NVD: CVE-2011-4674 // JVNDB: JVNDB-2011-003195 // CNVD: CNVD-2011-5067 // BID: 50803 // IVD: ccc54b70-1f7d-11e6-abef-000c29c66e3d // PACKETSTORM: 124173

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: ccc54b70-1f7d-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-5067

AFFECTED PRODUCTS

vendor:	zabbix	model:	zabbix	scope:	eq	version:	1.8.4	Trust: 3.3
vendor:	zabbix	model:	zabbix	scope:	eq	version:	1.8.3	Trust: 3.3
vendor:	gentoo	model:	linux	scope:	-	version:	-	Trust: 0.3
vendor:	zabbix	model:	zabbix	scope:	ne	version:	1.8.9	Trust: 0.3
vendor:	zabbix	model:	-	scope:	eq	version:	1.8.3	Trust: 0.2
vendor:	zabbix	model:	-	scope:	eq	version:	1.8.4	Trust: 0.2

sources: IVD: ccc54b70-1f7d-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-5067 // BID: 50803 // JVNDB: JVNDB-2011-003195 // CNNVD: CNNVD-201112-017 // NVD: CVE-2011-4674

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-4674
value:	HIGH
Trust: 1.0
NVD:	CVE-2011-4674
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201112-017
value:	HIGH
Trust: 0.6
IVD:	ccc54b70-1f7d-11e6-abef-000c29c66e3d
value:	HIGH
Trust: 0.2

nvd@nist.gov:	CVE-2011-4674
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
IVD:	ccc54b70-1f7d-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

sources: IVD: ccc54b70-1f7d-11e6-abef-000c29c66e3d // JVNDB: JVNDB-2011-003195 // CNNVD: CNNVD-201112-017 // NVD: CVE-2011-4674

PROBLEMTYPE DATA

problemtype:

CWE-89

Trust: 1.8

sources: JVNDB: JVNDB-2011-003195 // NVD: CVE-2011-4674

THREAT TYPE

remote

Trust: 1.2

sources: CNNVD: CNNVD-201111-443 // CNNVD: CNNVD-201112-017

TYPE

SQL injection

Trust: 1.4

sources: IVD: ccc54b70-1f7d-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201111-443 // CNNVD: CNNVD-201112-017

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-003195

PATCH

title:	ZBX-4385	url:	https://support.zabbix.com/browse/ZBX-4385	Trust: 0.8
title:	ZABBIX 'only_hostid' parameter SQL injection vulnerability patch	url:	https://www.cnvd.org.cn/patchInfo/show/6037	Trust: 0.6
title:	zabbix-1.8.9	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=41938	Trust: 0.6

sources: CNVD: CNVD-2011-5067 // JVNDB: JVNDB-2011-003195 // CNNVD: CNNVD-201112-017

EXTERNAL IDS

db:	BID	id:	50803	Trust: 3.1
db:	NVD	id:	CVE-2011-4674	Trust: 3.0
db:	EXPLOIT-DB	id:	18155	Trust: 1.6
db:	CNVD	id:	CNVD-2011-5067	Trust: 0.8
db:	CNNVD	id:	CNNVD-201112-017	Trust: 0.8
db:	JVNDB	id:	JVNDB-2011-003195	Trust: 0.8
db:	CNNVD	id:	CNNVD-201111-443	Trust: 0.6
db:	XF	id:	71479	Trust: 0.6
db:	IVD	id:	CCC54B70-1F7D-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	PACKETSTORM	id:	124173	Trust: 0.1

sources: IVD: ccc54b70-1f7d-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-5067 // BID: 50803 // JVNDB: JVNDB-2011-003195 // PACKETSTORM: 124173 // CNNVD: CNNVD-201111-443 // CNNVD: CNNVD-201112-017 // NVD: CVE-2011-4674

REFERENCES

url:	http://www.securityfocus.com/bid/50803	Trust: 2.8
url:	https://support.zabbix.com/browse/zbx-4385	Trust: 1.6
url:	http://www.exploit-db.com/exploits/18155	Trust: 1.6
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/71479	Trust: 1.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4674	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4674	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/71479	Trust: 0.6
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1277	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-4674	Trust: 0.1
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5572	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3263	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3435	Trust: 0.1
url:	http://security.gentoo.org/glsa/glsa-201311-15.xml	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1364	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3263	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1364	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-5572	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4674	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2904	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-1277	Trust: 0.1
url:	http://security.gentoo.org/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-2904	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-3435	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1

sources: CNVD: CNVD-2011-5067 // JVNDB: JVNDB-2011-003195 // PACKETSTORM: 124173 // CNNVD: CNNVD-201111-443 // CNNVD: CNNVD-201112-017 // NVD: CVE-2011-4674

CREDITS

M?cio Almeida de Mac?o

Trust: 0.6

sources: CNNVD: CNNVD-201111-443

SOURCES

db:	IVD	id:	ccc54b70-1f7d-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2011-5067
db:	BID	id:	50803
db:	JVNDB	id:	JVNDB-2011-003195
db:	PACKETSTORM	id:	124173
db:	CNNVD	id:	CNNVD-201111-443
db:	CNNVD	id:	CNNVD-201112-017
db:	NVD	id:	CVE-2011-4674

LAST UPDATE DATE

2024-08-14T13:58:48.677000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2011-5067	date:	2011-11-25T00:00:00
db:	BID	id:	50803	date:	2015-04-13T21:58:00
db:	JVNDB	id:	JVNDB-2011-003195	date:	2011-12-06T00:00:00
db:	CNNVD	id:	CNNVD-201111-443	date:	2011-11-28T00:00:00
db:	CNNVD	id:	CNNVD-201112-017	date:	2011-12-05T00:00:00
db:	NVD	id:	CVE-2011-4674	date:	2017-08-29T01:30:32.257

SOURCES RELEASE DATE

db:	IVD	id:	ccc54b70-1f7d-11e6-abef-000c29c66e3d	date:	2011-11-25T00:00:00
db:	CNVD	id:	CNVD-2011-5067	date:	2011-11-25T00:00:00
db:	BID	id:	50803	date:	2011-11-24T00:00:00
db:	JVNDB	id:	JVNDB-2011-003195	date:	2011-12-06T00:00:00
db:	PACKETSTORM	id:	124173	date:	2013-11-25T23:55:55
db:	CNNVD	id:	CNNVD-201111-443	date:	1900-01-01T00:00:00
db:	CNNVD	id:	CNNVD-201112-017	date:	2011-12-05T00:00:00
db:	NVD	id:	CVE-2011-4674	date:	2011-12-02T18:55:02.967