CVE-2008-1353

Description

zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of service (CPU and connection consumption) via multiple vfs.file.cksum commands with a special device node such as /dev/urandom or /dev/zero.

How to fix CVE-2008-1353

To remediate CVE-2008-1353, upgrade the affected package to a fixed version below.

• Debian/zabbix—upgrade to 1:1.4.5-1 or later

Is CVE-2008-1353 being exploited?

Moderate — EPSS is 5.9%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (1)

• from 0, < 1:1.4.5-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2008-1353