What is the severity of CVE-2023-32726?

The severity of CVE-2023-32726 is classified as a medium vulnerability.

How do I fix CVE-2023-32726?

To fix CVE-2023-32726, upgrade the Zabbix agent to a version that is not affected, such as versions above 5.0.39, 6.0.23, or 6.4.8.

What software is affected by CVE-2023-32726?

CVE-2023-32726 affects Zabbix agent versions 5.0.0 to 5.0.39, 6.0.0 to 6.0.23, and 6.4.0 to 6.4.8, along with specific alpha versions.

What causes CVE-2023-32726?

CVE-2023-32726 is caused by improper checks for RDLENGTH that may lead to buffer overflow in responses from DNS servers.

Is CVE-2023-32726 related to other vulnerabilities?

CVE-2023-32726 is closely related to vulnerabilities dealing with DNS response handling and buffer overflow issues.

Vulnerability/
CVE-2023-32726

high

8.1

CWE

754

18/12/2023

2/8/2024

CVE-2023-32726: Possible buffer overread from reading DNS responses

First published: Mon Dec 18 2023(Updated: )

The vulnerability is caused by improper check for check if RDLENGTH does not overflow the buffer in response from DNS server.

Credit: security@zabbix.com

Affected Software	Affected Version	How to fix
Zabbix Agent	>=5.0.0<=5.0.39
Zabbix Agent	>=6.0.0<=6.0.23
Zabbix Agent	>=6.4.0<=6.4.8
Zabbix Agent	=7.0.0-alpha1
Zabbix Agent	=7.0.0-alpha6

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2023-32726?
The severity of CVE-2023-32726 is classified as a medium vulnerability.
How do I fix CVE-2023-32726?
To fix CVE-2023-32726, upgrade the Zabbix agent to a version that is not affected, such as versions above 5.0.39, 6.0.23, or 6.4.8.
What software is affected by CVE-2023-32726?
CVE-2023-32726 affects Zabbix agent versions 5.0.0 to 5.0.39, 6.0.0 to 6.0.23, and 6.4.0 to 6.4.8, along with specific alpha versions.
What causes CVE-2023-32726?
CVE-2023-32726 is caused by improper checks for RDLENGTH that may lead to buffer overflow in responses from DNS servers.
Is CVE-2023-32726 related to other vulnerabilities?
CVE-2023-32726 is closely related to vulnerabilities dealing with DNS response handling and buffer overflow issues.

agent/type
agent/event
agent/softwarecombine
agent/first-publish-date
agent/weakness
agent/severity
agent/description
agent/title
agent/author
agent/references
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/zabbix
canonical/zabbix agent
version/zabbix agent/5.0.0
version/zabbix agent/5.0.39
version/zabbix agent/6.0.0
version/zabbix agent/6.0.23
version/zabbix agent/6.4.0
version/zabbix agent/6.4.8
version/zabbix agent/7.0.0-alpha1
version/zabbix agent/7.0.0-alpha6

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.