Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 27 Jul 2012 17:05:02 -0600
From: Vincent Danen <vdanen@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Zabbix SQL injection flaw (CVE request)

Could a CVE be assigned to this please?

An SQL injection flaw was found in Zabbix, where input passed via the
"itemid" parameter to popup_bitem.php is not properly sanitized before
being used in an SQL query.

The report was against version 2.0.1, but the upstream bug report [1]
indicates this also affects 1.8.x.  Upstream has patched [2] this, and
there is a potential patch for 1.8.x [3].

[1] https://support.zabbix.com/browse/ZBX-5348
[2] http://git.zabbixzone.com/zabbix2.0/.git/commit/333a3a5542ba8a2c901c24b7bf5440f41f1f4f54
[3] https://gist.github.com/3181678

Other references:

https://bugzilla.redhat.com/show_bug.cgi?id=843927
https://bugs.gentoo.org/show_bug.cgi?id=428372

Thanks.

-- 
Vincent Danen / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.