CVE-2011-3263

medium

Description

zabbix_agentd in Zabbix before 1.8.6 and 1.9.x before 1.9.4 allows context-dependent attackers to cause a denial of service (CPU consumption) by executing the vfs.file.cksum command for a special device, as demonstrated by the /dev/urandom device.

References

http://www.zabbix.com/rn1.8.6.php

https://exchange.xforce.ibmcloud.com/vulnerabilities/69378

https://support.zabbix.com/browse/ZBX-3794

Details

Source: MITRE

Published: 2011-08-19

Updated: 2017-08-29

Type: CWE-399

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM