zabbix-threat-control icon indicating copy to clipboard operation
zabbix-threat-control copied to clipboard

Published 20 hours ago verified publisher icon vulnersCom

fix.py doesn't use port information

Open JD-ISWT opened this issue 4 years ago • 0 comments

Got a problem with an agent configured on a non standard port, it never received fix actions.

script fix.py use zabbix_get only on the standard port (10050)

Here is a patch for fix.py to retreive agent port from Zabbix API and use it :

def do_fix(vname, fix_cmd):
    try:
        h = zapi.host.get(filter={'name': vname}, output=['hostid'])
        if len(h) == 0:
            logging.warning('Can\'t find host {} in Zabbix. Skip fixing vulnerabilities on this host.'.format(vname))
            return False
        h_if = zapi.hostinterface.get(hostids=h[0]['hostid'],
                                      filter={'main': '1', 'type': '1'},
                                      output=['dns', 'ip', 'useip','port'])[0]
        if h_if['useip'] == '1':
            h_conn = h_if['ip']
        else:
            h_conn = h_if['dns']
        h_port = h_if['port']

        if use_zbx_agent_to_fix:
            cmd = '{z_get_bin} -s {h_conn} -p {h_port} -k "system.run[{fix_cmd},nowait]"'.format(z_get_bin=z_get_bin, h_conn=h_conn, h_port=h_port, fix_cmd=fix_cmd)
        else:
            cmd = 'ssh {} -l {} "{}"'.format(h_conn, ssh_user, fix_cmd)
        logging.info(cmd)
        out = shell(cmd)
        logging.info(out)
        return True
    except Exception as e:
        logging.info('Exception: {}'.format(e))
        return False

JD-ISWT avatar May 29 '20 09:05 JD-ISWT