Zabbix down
Mike McGrath
mmcgrath at redhat.com
Wed Mar 4 14:34:40 UTC 2009
On Wed, 4 Mar 2009, Ricky Zhou wrote:
> Just to let everybody know, I confirmed a code execution vulnerability
> on our zabbix install, so I've taken it down until we can apply fixes
> for it:
>
> http://seclists.org/fulldisclosure/2009/Mar/0032.html
>
Thanks Ricky, I think it might be good for us to throw our zabbix install
behind http basic auth like what we've done for cacti just so someone
doesn't happen upon it in a vulnerable state.
-Mike
More information about the Fedora-infrastructure-list
mailing list