ZABBIX 'locales.php' Local File Include and Remote Code Execution Vulnerability

ZABBIX is prone to multiple local file-include vulnerabilities and a remote code-execution vulnerability that occur in the front-end web interface.

Attackers can exploit these issues to execute arbitrary code within the context of the webserver or obtain sensitive information. Other attacks are also possible.

ZABBIX 1.6.2 is vulnerable; prior versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus