Vulnerability Name: CVE-2016-4338 (CCN-112893)
Assigned: 2016-05-03
Published: 2016-05-03
Updated: 2018-10-09
Summary: The mysql user parameter configuration script (userparameter_mysql.conf) in the agent in Zabbix before 2.0.18, 2.2.x before 2.2.13, and 3.0.x before 3.0.3, when used with a shell other than bash, allows context-dependent attackers to execute arbitrary code or SQL commands via the mysql.size parameter.
CVSS v3 Severity:
  8.1 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
  7.1 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
  7.3 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
CVSS v2 Severity: 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
Vulnerability Type: CWE-89
Vulnerability Consequences: Gain Access
References:
  Source: MITRE Type: CNA CVE-2016-4338
  Source: MISC Type: Exploit, Third Party Advisory, VDB Entry http://packetstormsecurity.com/files/136898/Zabbix-Agent-3.0.1-mysql.size-Shell-Command-Injection.html
  Source: CCN Type: BugTraq Mailing List, Tue, 03 May 2016 13:31:36 +0300 CVE-2016-4338: Zabbix Agent 3.0.1 mysql.size shell command injection
  Source: FULLDISC Type: Exploit, Third Party Advisory, VDB Entry 20160503 CVE-2016-4338: Zabbix Agent 3.0.1 mysql.size shell command injection
  Source: BUGTRAQ Type: UNKNOWN 20160503 CVE-2016-4338: Zabbix Agent 3.0.1 mysql.size shell command injection
  Source: BID Type: Third Party Advisory, VDB Entry 89631
  Source: XF Type: UNKNOWN zabbix-agent-cve20164338-cmd-exec(112893)
  Source: CCN Type: Packet Storm Security [05-03-2016] Zabbix Agent 3.0.1 mysql.size Shell Command Injection
  Source: GENTOO Type: Third Party Advisory, VDB Entry GLSA-201612-42
  Source: CCN Type: Zabbix ZBX-10741 included to sources user param mysql.size[] produces error on some shells
  Source: CONFIRM Type: Exploit, Patch, Vendor Advisory https://support.zabbix.com/browse/ZBX-10741
  Source: EXPLOIT-DB Type: EXPLOIT Offensive Security Exploit Database [05-04-2016]
  Source: EXPLOIT-DB Type: Exploit, Third Party Advisory, VDB Entry 39769
  Source: CONFIRM Type: Vendor Advisory https://www.zabbix.com/documentation/2.0/manual/introduction/whatsnew2018#miscellaneous_improvements
  Source: CONFIRM Type: Vendor Advisory https://www.zabbix.com/documentation/2.2/manual/introduction/whatsnew2213#miscellaneous_improvements
  Source: CONFIRM Type: Vendor Advisory https://www.zabbix.com/documentation/3.0/manual/introduction/whatsnew303#miscellaneous_improvements
Vulnerable Configuration: Configuration 1: Denotes that component is vulnerable