Summary
ZABBIX is prone to a denial-of-service vulnerability because of a NULL-pointer dereference.
Successful exploits may allow remote attackers to cause denial-of- service conditions. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed.
Versions prior to ZABBIX 1.6.6 are vulnerable.
Solution
Updates are available. Please see the references for details.
References
Severity
Classification
-
CVE CVE-2009-4500 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Apache Subversion 'mod_dav_svn' log REPORT Request DoS Vulnerability
- ejabberd XML Parsing Denial of Service Vulnerability (Windows)
- F-Secure Policy Manager Server fsmsh.dll module DoS
- Dopewars Server 'REQUESTJET' Message Remote Denial of Service Vulnerability
- Comodo Internet Security Denial of Service Vulnerability-05