Zabbix: Multiple vulnerabilities

Zabbix: Multiple vulnerabilities Multiple vulnerabilities have been found in Zabbix, possibly leading to SQL injection attacks, Denial of Service, or information disclosure. zabbix 2013-11-25 2013-11-25 312875 394497 428372 452878 486696 remote 2.0.9_rc1-r2 2.0.9_rc1-r2

Zabbix is software for monitoring applications, networks, and servers.

Multiple vulnerabilities have been discovered in Zabbix. Please review the CVE identifiers referenced below for details.

A remote attacker may be able to execute arbitrary SQL statements, cause a Denial of Service condition, or obtain sensitive information.

There is no known workaround at this time.

All Zabbix users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose
      ">=net-analyzer/zabbix-2.0.9_rc1-r2"

CVE-2010-1277 CVE-2011-2904 CVE-2011-3263 CVE-2011-4674 CVE-2012-3435 CVE-2013-1364 CVE-2013-5572 craig ackle