SQL injection vulnerability in frontends/php/popup_bitem.php in Zabbix 1.8.15rc1 and earlier, and 2.x before 2.0.2rc1, allows remote attackers to execute arbitrary SQL commands via the itemid parameter.

The remote host is affected by the vulnerability described in GLSA-201311-15 (Zabbix: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Zabbix. Please review       the CVE identifiers referenced below for details.
  Impact :

    A remote attacker may be able to execute arbitrary SQL statements, cause       a Denial of Service condition, or obtain sensitive information.
  Workaround :

    There is no known workaround at this time.

The remote web server hosts a version of the Zabbix web interface that is affected by a SQL injection vulnerability.  The vulnerability exists in the 'popup_bitem.php' script, which fails to properly sanitize user-supplied input to the 'itemid' parameter before using it in database queries.  This could allow an attacker to manipulate such queries, resulting in manipulation or disclosure of arbitrary data.

It was discovered that Zabbix, a network monitoring solution, does not properly validate user input used as a part of a SQL query. This may allow unauthenticated attackers to execute arbitrary SQL commands (SQL injection) and possibly escalate privileges.

ID	Name	Product	Family	Severity
71089	GLSA-201311-15 : Zabbix: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
62757	Zabbix Web Interface popup_bitem.php itemid Parameter SQL Injection	Nessus	CGI abuses	high
62000	Debian DSA-2539-1 : zabbix - SQL injection	Nessus	Debian Local Security Checks	high

Detections

Analytics

CVE-2012-3435

critical

Tenable Plugins

high

high

high