CVE-2016-4338
Published: 23 January 2017
The mysql user parameter configuration script (userparameter_mysql.conf) in the agent in Zabbix before 2.0.18, 2.2.x before 2.2.13, and 3.0.x before 3.0.3, when used with a shell other than bash, allows context-dependent attackers to execute arbitrary code or SQL commands via the mysql.size parameter.
From the Ubuntu Security Team
It was discovered that Zabbix incorrectly handled certain inputs. An attacker could possibly use this to execute arbitrary code or SQL commands.
Priority
Status
Package | Release | Status |
---|---|---|
zabbix Launchpad, Ubuntu, Debian |
artful |
Ignored
(end of life)
|
bionic |
Not vulnerable
(1:3.0.12+dfsg-1)
|
|
cosmic |
Not vulnerable
(1:3.0.17+dfsg-1)
|
|
disco |
Not vulnerable
(1:3.0.17+dfsg-1)
|
|
eoan |
Not vulnerable
(1:3.0.17+dfsg-1)
|
|
focal |
Not vulnerable
(1:3.0.17+dfsg-1)
|
|
groovy |
Not vulnerable
(1:3.0.17+dfsg-1)
|
|
hirsute |
Not vulnerable
(1:3.0.17+dfsg-1)
|
|
impish |
Not vulnerable
(1:3.0.17+dfsg-1)
|
|
jammy |
Not vulnerable
(1:3.0.17+dfsg-1)
|
|
precise |
Ignored
(end of life)
|
|
trusty |
Released
(1:2.2.2+dfsg-1ubuntu1+esm1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
upstream |
Released
(1:2.2.7+dfsg-2+deb8u1, 1:3.0.3+dfsg-1)
|
|
wily |
Ignored
(end of life)
|
|
xenial |
Not vulnerable
(1:2.4.7+dfsg-2ubuntu2.1)
|
|
yakkety |
Ignored
(end of life)
|
|
zesty |
Ignored
(end of life)
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 8.1 |
Attack vector | Network |
Attack complexity | High |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |