CVE-2016-4338 (zabbix)

Posted on 2017년 1월 24일2017년 1월 27일 by admin

The mysql user parameter configuration script (userparameter_mysql.conf) in the agent in Zabbix before 2.0.18, 2.2.x before 2.2.13, and 3.0.x before 3.0.3, when used with a shell other than bash, allows context-dependent attackers to execute arbitrary code or SQL commands via the mysql.size parameter.

Source: CVE-2016-4338 (zabbix)

답글 남기기 응답 취소