Lucene search
UbuntuUSN-698-1HistoryDec 22, 2008 - 12:00 a.m.
Nagios vulnerability
2008-12-2200:00:00
ubuntu.com
32
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.3
Confidence
Low
EPSS
0.032
Percentile
91.2%
Releases
- Ubuntu 6.06
Packages
- nagios -
Details
It was discovered that Nagios did not properly parse commands submitted using
the web interface. An authenticated user could use a custom form or a browser
addon to bypass security restrictions and submit unauthorized commands.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 6.06 | noarch | nagios-common | < 2:1.3-cvs.20050402-8ubuntu8 | UNKNOWN |
| Ubuntu | 6.06 | noarch | nagios-mysql | < 2:1.3-cvs.20050402-8ubuntu8 | UNKNOWN |
| Ubuntu | 6.06 | noarch | nagios-pgsql | < 2:1.3-cvs.20050402-8ubuntu8 | UNKNOWN |
| Ubuntu | 6.06 | noarch | nagios-text | < 2:1.3-cvs.20050402-8ubuntu8 | UNKNOWN |
References
Related
prion
prion
Authorization
2008-11-10 15:23:00
nvd
nvd
CVE-2008-5027
2008-11-10 15:23:29
nessus
nessus
Fedora 10 : nagios-3.0.5-1.fc10 (2008-10323)
2009-04-23 00:00:00
Ubuntu 6.06 LTS : nagios vulnerability (USN-698-1)
2009-04-23 00:00:00
cvelist
cvelist
CVE-2008-5027
2008-11-10 15:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-698-1)
2009-03-23 00:00:00
Nagios Web Interface < 3.0.5 Privilege Escalation Vulnerability
2009-05-06 00:00:00
Ubuntu Update for nagios vulnerability USN-698-1
2009-03-23 00:00:00
securityvulns
securityvulns
[USN-698-1] Nagios vulnerability
2008-12-23 00:00:00
cve
cve
CVE-2008-5027
2008-11-10 15:23:29
freebsd
freebsd
nagios -- web interface privilege escalation vulnerability
2008-11-06 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: nagios-3.0.5-1.fc10
2008-11-26 06:19:44
ubuntu
ubuntu
Nagios3 vulnerabilities
2008-12-22 00:00:00
Nagios vulnerabilities
2008-12-23 00:00:00
ubuntucve
ubuntucve
CVE-2008-6373
2009-03-02 00:00:00
CVE-2008-5027
2008-11-10 00:00:00
gentoo
gentoo
Nagios: Execution of arbitrary code
2009-07-19 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.3
Confidence
Low
EPSS
0.032
Percentile
91.2%
Related for USN-698-1