On Wed, Mar 4, 2009 at 8:34 AM, Mike McGrath <mmcgrath@xxxxxxxxxx> wrote: > On Wed, 4 Mar 2009, Ricky Zhou wrote: > >> Just to let everybody know, I confirmed a code execution vulnerability >> on our zabbix install, so I've taken it down until we can apply fixes >> for it: >> >> http://seclists.org/fulldisclosure/2009/Mar/0032.html >> > > Thanks Ricky, I think it might be good for us to throw our zabbix install > behind http basic auth like what we've done for cacti just so someone > doesn't happen upon it in a vulnerable state. I'm working on a new Zabbix package as well. -- Jeff Ollie _______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
