Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2012-6086

Опубликовано: 29 янв. 2014
Источник: debian
EPSS Низкий

Описание

libs/zbxmedia/eztexting.c in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.8rc1, and 2.1.x before 2.1.2 does not properly set the CURLOPT_SSL_VERIFYHOST option for libcurl, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
zabbixfixed1:2.0.7+dfsg-1package
zabbixno-dsasqueezepackage

Примечания

  • https://support.zabbix.com/browse/ZBX-5924

EPSS

Процентиль: 41%
0.00194
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2012-6086

ubuntu
около 12 лет назад

libs/zbxmedia/eztexting.c in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.8rc1, and 2.1.x before 2.1.2 does not properly set the CURLOPT_SSL_VERIFYHOST option for libcurl, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

nvd логотип

CVE-2012-6086

nvd
около 12 лет назад

libs/zbxmedia/eztexting.c in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.8rc1, and 2.1.x before 2.1.2 does not properly set the CURLOPT_SSL_VERIFYHOST option for libcurl, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

github логотип

GHSA-g86q-v527-5vcc

github
больше 3 лет назад

libs/zbxmedia/eztexting.c in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.8rc1, and 2.1.x before 2.1.2 does not properly set the CURLOPT_SSL_VERIFYHOST option for libcurl, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

EPSS

Процентиль: 41%
0.00194
Низкий