[Git][security-tracker-team/security-tracker][master] Triaging zabbix with focus LTS/buster

Tobias Frost (@tobi) tobi at debian.org
Wed Aug 9 17:42:52 BST 2023



Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4b21c5fb by Tobias Frost at 2023-08-09T18:42:38+02:00
Triaging zabbix with focus LTS/buster

CVE-2023-29458: duktape library only introduced in 5.0.0alpha1
CVE-2023-29452: geomap widget only introduced in 6.0.0alpha6

add links to patch for: CVE-2023-29451 CVE-2013-7484 CVE-2019-17382

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -16321,8 +16321,10 @@ CVE-2023-29459 (The laola.redbull application through 5.1.9-R for Android expose
 	NOT-FOR-US: laola.redbull
 CVE-2023-29458 (Duktape is an 3rd-party embeddable JavaScript engine, with a focus on  ...)
 	- zabbix <unfixed>
+	[buster] - zabbix <not-affected> (vulnerable code introduced later)
 	NOTE: This appears to be bug in Zabbix's use of duktape, not an issue in src:duktape per se
 	NOTE: https://support.zabbix.com/browse/ZBX-22989
+	NOTE: duktape library introduced with https://github.com/zabbix/zabbix/commit/d43b04665c1ade5b4a9f49db750b8ca6c82e9de2 (5.0.0alpha1)
 CVE-2023-29457 (Reflected XSS attacks, occur when a malicious script is reflected off  ...)
 	- zabbix <unfixed>
 	NOTE: https://support.zabbix.com/browse/ZBX-22988
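Review bot: the added buster <not-affected> line rests on the new NOTE that duktape arrived with the linked commit in 5.0.0alpha1, but the NOTE does not record which buster package version was compared against that, so a reader has to infer from the "(5.x not affected)" bullseye annotations elsewhere in the file that buster ships something older than 5.0. Stating the checked buster version in the NOTE alongside the introducing commit would make the triage self-contained. The 5.x package in bullseye is still covered by the "- zabbix <unfixed>" line above, which is consistent with the 5.0.0alpha1 introduction.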
@@ -16339,8 +16341,11 @@ CVE-2023-29453
 	RESERVED
 CVE-2023-29452 (Currently, geomap configuration (Administration -> General -> Geograph ...)
 	- zabbix <unfixed>
-	[bullseye] - zabbix <not-affected> (5.x not affected)
+	[bullseye] - zabbix <not-affected> (vulnerable code introduced later)
+	[buster] - zabbix <not-affected> (vulnerable code introduced later)
 	NOTE: https://support.zabbix.com/browse/ZBX-22981
+	NOTE: Patches links: https://support.zabbix.com/browse/ZBX-22720
+	NOTE: vulnerable geopmap widget introduced in version 6.0.0alpha6 with https://github.com/zabbix/zabbix/commit/7e6a91149533b17b12c0317968b485e0c98d4ac2
 CVE-2023-29451 (Specially crafted string can cause a buffer overrun in the JSON parser ...)
 	- zabbix <unfixed>
 	[bullseye] - zabbix <not-affected> (5.x not affected)
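Review bot: two problems in the added NOTE lines. First, "Patches links: https://support.zabbix.com/browse/ZBX-22720" sits under CVE-2023-29452, whose upstream ticket is ZBX-22981 on the line directly above it, while the commit message says patch links were added for CVE-2023-29451, which receives no new line in this hunk; either the NOTE landed under the wrong CVE or it should say which issue ZBX-22720 tracks. Second, "geopmap" in the last added line should read "geomap", matching the CVE description "geomap configuration". Rewording the bullseye justification from "(5.x not affected)" to "(vulnerable code introduced later)" drops the version hint; the new 6.0.0alpha6 NOTE preserves it, but the untouched "[bullseye] - zabbix <not-affected> (5.x not affected)" line of CVE-2023-29451 just below now uses the other style, so pick one convention.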
@@ -56908,6 +56913,8 @@ CVE-2022-43515 (Zabbix Frontend provides a feature that allows admins to maintai
 	[bullseye] - zabbix <ignored> (Minor issue)
 	[buster] - zabbix <ignored> (Minor issue)
 	NOTE: https://support.zabbix.com/browse/ZBX-22050
+	NOTE: Patches: for 4.0.45rc1 https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/aa58889ba54b2350e211a5f315baabbaf7228045
+	NOTE: for 5.0.30rc1 https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/50668e9d64af32cdc67a45082c556699ff86565e
 CVE-2022-43514 (A vulnerability has been identified in Automation License Manager V5 ( ...)
 	NOT-FOR-US: Automation License Manager
 CVE-2022-43513 (A vulnerability has been identified in Automation License Manager V5 ( ...)
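Review bot: with upstream fixes now recorded for the 4.0.45rc1 and 5.0.30rc1 branches, the "<ignored> (Minor issue)" tags for bullseye and buster directly above should be re-checked, or the NOTE should say that the patches exist but are deliberately not being taken; otherwise the entry reads as contradictory. Also the second NOTE ("for 5.0.30rc1 ...") only makes sense as a continuation of the first; prefixing it with "Patches:" as well, or keeping both links on one NOTE, makes each line self-describing when grepped.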
@@ -270306,6 +270313,7 @@ CVE-2013-7484 (Zabbix before 5.0 represents passwords in the users table with un
 	NOTE: https://support.zabbix.com/browse/ZBX-16551
 	NOTE: https://support.zabbix.com/browse/ZBXNEXT-1898
 	NOTE: https://www.zabbix.com/documentation/5.0/manual/introduction/whatsnew500#stronger_cryptography_for_passwords
+	NOTE: patch for 5.0.0: https://github.com/zabbix/zabbix/commit/3c4b81c66da
 CVE-2020-1784
 	RESERVED
 CVE-2020-1783
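Review bot: the added NOTE uses an abbreviated commit id (3c4b81c66da) where the other github.com/zabbix/zabbix links added in this commit, for CVE-2023-29458 and CVE-2023-29452, use the full 40-character hash; short ids can become ambiguous as the repository grows, so record the full hash. It would also help to say that this is the 5.0.0 change introducing the stronger password hashing referenced in the whatsnew500 NOTE above rather than a standalone backportable fix, given the CVE text "Zabbix before 5.0".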
@@ -279482,6 +279490,8 @@ CVE-2019-17382 (An issue was discovered in zabbix.php?action=dashboard.view&dash
 	NOTE: Disputed by upstream, closed as not a security bug.
 	NOTE: Guest account is disabled by default starting in 4.0.15rc1, 4.4.2rc1 and
 	NOTE: 5.0.0alpha1 (Cf. https://support.zabbix.com/browse/ZBXNEXT-5532)
+	NOTE: Patch to disable default user by default, for 5.0.0alpha1: https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/9fd6f1c35
+	NOTE: and for 4.0.15rc: https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/cd3921882
 CVE-2019-17381
 	RESERVED
 CVE-2019-17380 (cPanel before 82.0.15 allows self XSS in the WHM Update Preferences in ...)
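Review bot: "4.0.15rc" in the last added line drops the suffix used two lines above ("4.0.15rc1"); make them agree. Both added links use abbreviated commit ids (9fd6f1c35, cd3921882); prefer the full hashes for stability, as the github links elsewhere in this commit do. The existing NOTE also lists 4.4.2rc1 as a release that disabled the guest account; if the corresponding commit was located it would complete the NOTE, otherwise no change is needed.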



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b21c5fbfaebdf2d20fc5eb1d3de973f86bcdf5e

-- 
You're receiving this email because of your account on salsa.debian.org.

