CVE-2008-1353
published 2008-03-17CVE-2008-1353: zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of service (CPU and connection consumption) via multiple vfs.file.cksum commands with a…
PriorityP419medium4.3CVSS 2.0
AVNACMAuNCNINAP
EXPLOIT
EPSS
5.69%
92.0th percentile
zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of service (CPU and connection consumption) via multiple vfs.file.cksum commands with a special device node such as /dev/urandom or /dev/zero.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | zabbix | < zabbix 1:1.4.5-1 (bookworm) | zabbix 1:1.4.5-1 (bookworm) |
| zabbix | zabbix | — | — |
| zabbix | zabbix | — | — |
| zabbix | zabbix | — | — |
| zabbix | zabbix | — | — |
| zabbix | zabbix | — | — |
| zabbix | zabbix | — | — |
| zabbix | zabbix | >= 0 < 1:1.4.5-1 | 1:1.4.5-1 |
| zabbix | zabbix | >= 0 < 1:1.4.5-1 | 1:1.4.5-1 |
| zabbix | zabbix | >= 0 < 1:1.4.5-1 | 1:1.4.5-1 |
| zabbix | zabbix | >= 0 < 1:1.4.5-1 | 1:1.4.5-1 |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM
vendor_debian4.3LOW
vendor_redhat4.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2008-1353: zabbix - zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of servi...
vendor_debian·2008·CVSS 4.3
CVE-2008-1353 [MEDIUM] CVE-2008-1353: zabbix - zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of servi...
zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of service (CPU and connection consumption) via multiple vfs.file.cksum commands with a special device node such as /dev/urandom or /dev/zero.
Scope: local
bookworm: resolved (fixed in 1:1.4.5-1)
bullseye: resolved (fixed in 1:1.4.5-1)
forky: resolved (fixed in 1:1.4.5-1)
sid: resolved (fixed in 1:1.4.5-1)
trixie: resolved (fixed in 1:1.4.5-1)
Red Hat
zabbix file descriptor consumption by authorized hosts
vendor_redhat·CVSS 4.3
CVE-2008-1353 [MEDIUM] zabbix file descriptor consumption by authorized hosts
zabbix file descriptor consumption by authorized hosts
zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of service (CPU and connection consumption) via multiple vfs.file.cksum commands with a special device node such as /dev/urandom or /dev/zero.
GHSA
GHSA-2fgh-jwqp-hr3r: zabbix_agentd in ZABBIX 1
ghsa_unreviewed·2022-05-01
CVE-2008-1353 [MEDIUM] GHSA-2fgh-jwqp-hr3r: zabbix_agentd in ZABBIX 1
zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of service (CPU and connection consumption) via multiple vfs.file.cksum commands with a special device node such as /dev/urandom or /dev/zero.
OSV
CVE-2008-1353: zabbix_agentd in ZABBIX 1
osv·2008-03-17·CVSS 4.3
CVE-2008-1353 [MEDIUM] CVE-2008-1353: zabbix_agentd in ZABBIX 1
zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of service (CPU and connection consumption) via multiple vfs.file.cksum commands with a special device node such as /dev/urandom or /dev/zero.
No detection rules found.
http://secunia.com/advisories/29383http://securityreason.com/securityalert/3747http://www.securityfocus.com/archive/1/489506/100/0/threadedhttp://www.securityfocus.com/bid/28244http://www.vupen.com/english/advisories/2008/0878https://exchange.xforce.ibmcloud.com/vulnerabilities/41196http://secunia.com/advisories/29383http://securityreason.com/securityalert/3747http://www.securityfocus.com/archive/1/489506/100/0/threadedhttp://www.securityfocus.com/bid/28244http://www.vupen.com/english/advisories/2008/0878https://exchange.xforce.ibmcloud.com/vulnerabilities/41196
2008-03-17
Published