CVSS: 4.3EPSS: 7%CPEs: 6EXPL: 1CVE-2008-1353 – Zabbix 1.1x/1.4.x - File Checksum Request Denial of Service
https://notcve.org/view.php?id=CVE-2008-1353
zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of service (CPU and connection consumption) via multiple vfs.file.cksum commands with a special device node such as /dev/urandom or /dev/zero. zabbix_agentd en ZABBIX 1.4.4, permite a atacantes remotos causar una Denegación de Servicio (Consumo de CPU y conexión) a través de múltiples comandos vfs.file.cksum con un nodo de dispositivo como /dev/urandom o /dev/zero. • https://www.exploit-db.com/exploits/31403 http://secunia.com/advisories/29383 http://securityreason.com/securityalert/3747 http://www.securityfocus.com/archive/1/489506/100/0/threaded http://www.securityfocus.com/bid/28244 http://www.vupen.com/english/advisories/2008/0878 https://exchange.xforce.ibmcloud.com/vulnerabilities/41196 •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 1CVE-2007-6210 – Zabbix 1.1.4/1.4.2 - 'daemon_start' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2007-6210
zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" scripts with gid 0, which might allow local users to gain privileges. zabbix_agentd versión 1.1.4 en ZABBIX versiones anteriores a 1.4.3, ejecuta scripts "UserParameter" con gid 0, lo que podría permitir a los usuarios locales alcanzar privilegios. • https://www.exploit-db.com/exploits/30839 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=452682 http://secunia.com/advisories/27903 http://secunia.com/advisories/27948 http://secunia.com/advisories/27978 http://www.debian.org/security/2007/dsa-1420 http://www.securityfocus.com/bid/26680 http://www.zabbix.com/forum/showthread.php?t=8400 https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00196.html https://www.redhat.com/archives/fedora-package-announce&# • CWE-16: Configuration •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2007-0640
https://notcve.org/view.php?id=CVE-2007-0640
Buffer overflow in ZABBIX before 1.1.5 has unknown impact and attack vectors related to "SNMP IP addresses." Desbordamiento de búfer en el ZABBIX en versiones anteriores a la 1.1.5 tiene un impacto desconocido y vectores de ataque relacionados con "SNMP IP addresses". • http://osvdb.org/33081 http://secunia.com/advisories/24020 http://www.securityfocus.com/bid/22321 http://www.vupen.com/english/advisories/2007/0416 http://www.zabbix.com/rn1.1.5.php https://exchange.xforce.ibmcloud.com/vulnerabilities/32038 •