Zabbix 1.9.x < 1.9.4 zabbix_agentd DoS

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote web application may be affected by a denial of service
vulnerability.

Description :

According to its self-reported version number, the instance of Zabbix
listening on the remote host is 1.9.x prior to 1.9.4. It is, therefore,
potentially affected by a denial of service vulnerability in
'zabbix_agentd' involving the 'vfs.file.cksum' item. An attacker able to
send item requests to the agent can cause it to consume excessive CPU by
pointing 'vfs.file.cksum' at a special device such as '/dev/urandom',
which never returns end-of-file, so the agent keeps reading and
checksumming it indefinitely.
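The read-until-EOF mechanism described above, as an added illustration. This is not Zabbix's source and not the 1.9.4 fix (the page does not show it): it models an agent item that checksums a caller-supplied path, first in the form that spins forever on '/dev/urandom', then with the checks that stop it. The CRC follows POSIX cksum(1); the function names, return codes and the 16 MiB read budget are this example's own assumptions.

```c
/* Added illustration for this advisory, not Zabbix code and not its fix.
 * Models a vfs.file.cksum-style item: the unbounded form that never
 * returns for /dev/urandom, and a hardened form. CRC as in POSIX cksum(1);
 * names, return codes and the 16 MiB cap are assumptions of this example. */
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

enum { CKSUM_OK = 0, CKSUM_IO_ERROR = -1, CKSUM_NOT_REGULAR = -2, CKSUM_TOO_LARGE = -3 };

/* Assumed per-request read budget; a real agent would make this configurable. */
#define CKSUM_MAX_BYTES (16ULL * 1024 * 1024)

/* Bitwise CRC-32, polynomial 0x04C11DB7, MSB first (the cksum(1) variant). */
static uint32_t crc_update(uint32_t crc, uint8_t byte)
{
    crc ^= (uint32_t)byte << 24;
    for (int i = 0; i < 8; i++)
        crc = (crc & 0x80000000u) ? (crc << 1) ^ 0x04C11DB7u : (crc << 1);
    return crc;
}

/* cksum(1) finalisation: feed the byte count LSB first until zero, then invert. */
static uint32_t crc_finish(uint32_t crc, uint64_t length)
{
    for (; length != 0; length >>= 8)
        crc = crc_update(crc, (uint8_t)(length & 0xFFu));
    return ~crc;
}

/* Vulnerable pattern: read until EOF. /dev/urandom never reports EOF, so a
 * request for it keeps this loop (and the agent's CPU) busy indefinitely. */
int file_cksum_unbounded(const char *path, uint32_t *out)
{
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return CKSUM_IO_ERROR;
    uint32_t crc = 0;
    uint64_t total = 0;
    uint8_t buf[4096];
    ssize_t n;
    while ((n = read(fd, buf, sizeof buf)) > 0) {
        for (ssize_t i = 0; i < n; i++)
            crc = crc_update(crc, buf[i]);
        total += (uint64_t)n;
    }
    close(fd);
    if (n < 0)
        return CKSUM_IO_ERROR;
    *out = crc_finish(crc, total);
    return CKSUM_OK;
}

/* Hardened pattern: open first and fstat the descriptor (no stat/open race),
 * refuse anything that is not a regular file, and stop once the read budget
 * is exhausted even if the file grows underneath us. O_NONBLOCK keeps open()
 * from hanging on a FIFO with no writer; it has no effect on regular files. */
int file_cksum_safe(const char *path, uint32_t *out)
{
    int fd = open(path, O_RDONLY | O_NONBLOCK);
    if (fd < 0)
        return CKSUM_IO_ERROR;
    struct stat st;
    if (fstat(fd, &st) != 0) { close(fd); return CKSUM_IO_ERROR; }
    if (!S_ISREG(st.st_mode)) { close(fd); return CKSUM_NOT_REGULAR; }
    if ((uint64_t)st.st_size > CKSUM_MAX_BYTES) { close(fd); return CKSUM_TOO_LARGE; }
    uint32_t crc = 0;
    uint64_t total = 0;
    uint8_t buf[4096];
    ssize_t n;
    while ((n = read(fd, buf, sizeof buf)) > 0) {
        total += (uint64_t)n;
        if (total > CKSUM_MAX_BYTES) { close(fd); return CKSUM_TOO_LARGE; }
        for (ssize_t i = 0; i < n; i++)
            crc = crc_update(crc, buf[i]);
    }
    close(fd);
    if (n < 0)
        return CKSUM_IO_ERROR;
    *out = crc_finish(crc, total);
    return CKSUM_OK;
}

/* Stand-alone use: ./a.out <path>  (prints a cksum(1)-compatible value, or
 * the reason the request was refused; try it on /dev/urandom). */
int main(int argc, char **argv)
{
    if (argc != 2) { fprintf(stderr, "usage: %s <path>\n", argv[0]); return 2; }
    uint32_t sum;
    int rc = file_cksum_safe(argv[1], &sum);
    if (rc == CKSUM_OK)
        printf("%u %s\n", (unsigned)sum, argv[1]);
    else
        printf("refused (%d) %s\n", rc, argv[1]);
    return rc == CKSUM_OK ? 0 : 1;
}
```

Calling file_cksum_unbounded on '/dev/urandom' reproduces the symptom (the call never returns); file_cksum_safe rejects the same path immediately with CKSUM_NOT_REGULAR. On a regular file both produce the same value as the system cksum(1) command, which is a quick way to check the CRC against a known tool.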

Note that Nessus has not tested for this issue but has instead relied
only on the version reported by the Zabbix login page.

See also :

https://support.zabbix.com/browse/ZBX-3794
http://www.zabbix.com/rn1.9.4.php

Solution :

Update Zabbix to version 1.9.4 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: CGI abuses

Nessus Plugin ID: 71535

Bugtraq ID: 63920

CVE ID: CVE-2011-3263