CVE-2016-4338: Zabbix Agent 3.0.1 mysql.size shell command injection

Posted by Timo Juhani Lindfors on May 03

CVE-2016-4338: Zabbix Agent 3.0.1 mysql.size shell command injection
——————————————————————–

Affected products
=================

At least Zabbix Agent 1:3.0.1-1+wheezy from
http://repo.zabbix.com/zabbix/3.0/debian is vulnerable. Other versions
were not tested.

Background
==========

“Zabbix agent is deployed on a monitoring target to actively monitor
local resources and applications (hard…

Leave a Reply