Refine your search
2 vulnerabilities found for zabbix-agent by zabbix
CVE-2023-32726 (GCVE-0-2023-32726)
Vulnerability from nvd
Published
2023-12-18 09:17
Modified
2025-11-03 21:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Summary
The vulnerability is caused by improper check for check if RDLENGTH does not overflow the buffer in response from DNS server.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:48:40.326Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-23855"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UMFKNV5E4LG2DIZNPRWQ2ENH75H6UEQT/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BYSYLA7VTHR25CBLYO5ZLEJFGU7HTHQB/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00012.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Agent"
],
"product": "Zabbix",
"repo": "https://git.zabbix.com/",
"vendor": "Zabbix",
"versions": [
{
"changes": [
{
"at": "5.0.40",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.0.39",
"status": "affected",
"version": "5.0.0",
"versionType": "git"
},
{
"changes": [
{
"at": "6.0.24",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.0.23",
"status": "affected",
"version": "6.0.0",
"versionType": "git"
},
{
"changes": [
{
"at": "6.4.9",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.4.8",
"status": "affected",
"version": "6.4.0",
"versionType": "git"
},
{
"changes": [
{
"at": "7.0.0alpha8",
"status": "unaffected"
}
],
"lessThanOrEqual": "7.0.0alpha7",
"status": "affected",
"version": "7.0.0alpha1",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "This vulnerability is found by Philippe Antoine (catenacyber) from HackerOne community."
}
],
"datePublic": "2023-11-06T11:17:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vulnerability is caused by improper check for check if RDLENGTH does not overflow the buffer in response from DNS server."
}
],
"value": "The vulnerability is caused by improper check for check if RDLENGTH does not overflow the buffer in response from DNS server."
}
],
"impacts": [
{
"capecId": "CAPEC-540",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-540 Overread Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-24T22:06:40.879Z",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"url": "https://support.zabbix.com/browse/ZBX-23855"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UMFKNV5E4LG2DIZNPRWQ2ENH75H6UEQT/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BYSYLA7VTHR25CBLYO5ZLEJFGU7HTHQB/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00012.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Possible buffer overread from reading DNS responses",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2023-32726",
"datePublished": "2023-12-18T09:17:47.628Z",
"dateReserved": "2023-05-11T21:25:43.368Z",
"dateUpdated": "2025-11-03T21:48:40.326Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-32726 (GCVE-0-2023-32726)
Vulnerability from cvelistv5
Published
2023-12-18 09:17
Modified
2025-11-03 21:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Summary
The vulnerability is caused by improper check for check if RDLENGTH does not overflow the buffer in response from DNS server.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:48:40.326Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.zabbix.com/browse/ZBX-23855"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UMFKNV5E4LG2DIZNPRWQ2ENH75H6UEQT/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BYSYLA7VTHR25CBLYO5ZLEJFGU7HTHQB/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00012.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Agent"
],
"product": "Zabbix",
"repo": "https://git.zabbix.com/",
"vendor": "Zabbix",
"versions": [
{
"changes": [
{
"at": "5.0.40",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.0.39",
"status": "affected",
"version": "5.0.0",
"versionType": "git"
},
{
"changes": [
{
"at": "6.0.24",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.0.23",
"status": "affected",
"version": "6.0.0",
"versionType": "git"
},
{
"changes": [
{
"at": "6.4.9",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.4.8",
"status": "affected",
"version": "6.4.0",
"versionType": "git"
},
{
"changes": [
{
"at": "7.0.0alpha8",
"status": "unaffected"
}
],
"lessThanOrEqual": "7.0.0alpha7",
"status": "affected",
"version": "7.0.0alpha1",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "This vulnerability is found by Philippe Antoine (catenacyber) from HackerOne community."
}
],
"datePublic": "2023-11-06T11:17:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vulnerability is caused by improper check for check if RDLENGTH does not overflow the buffer in response from DNS server."
}
],
"value": "The vulnerability is caused by improper check for check if RDLENGTH does not overflow the buffer in response from DNS server."
}
],
"impacts": [
{
"capecId": "CAPEC-540",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-540 Overread Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-24T22:06:40.879Z",
"orgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"shortName": "Zabbix"
},
"references": [
{
"url": "https://support.zabbix.com/browse/ZBX-23855"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UMFKNV5E4LG2DIZNPRWQ2ENH75H6UEQT/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BYSYLA7VTHR25CBLYO5ZLEJFGU7HTHQB/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00012.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Possible buffer overread from reading DNS responses",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "72de3e22-0555-4a0d-ae81-9249e0f0a1e8",
"assignerShortName": "Zabbix",
"cveId": "CVE-2023-32726",
"datePublished": "2023-12-18T09:17:47.628Z",
"dateReserved": "2023-05-11T21:25:43.368Z",
"dateUpdated": "2025-11-03T21:48:40.326Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}