ZABBIX 'process_trap()' NULL Pointer Dereference Denial Of Service Vulnerability Network Vulnerability

Summary

ZABBIX is prone to a denial-of-service vulnerability because of a NULL-pointer dereference. Successful exploits may allow remote attackers to cause denial-of- service conditions. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed. Versions prior to ZABBIX 1.6.6 are vulnerable.

Solution

Updates are available. Please see the references for details.

References

http://secunia.com/advisories/37740/
http://www.zabbix.com/index.php
https://support.zabbix.com/browse/ZBX-993

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4500

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

ddrLPD Remote Denial of Service Vulnerability
Active Perl Denial of Service Vulnerability Feb 2014 (Windows)
CUPS '_cupsImageReadTIFF()' Integer Overflow Vulnerability
Adobe Acrobat PDF File Denial Of Service Vulnerability
Freefloat FTP Server 'ALLO' Command Remote Buffer Overflow Vulnerability

Take action and discover your vulnerabilities