Lucene search
UbuntuUSN-795-1HistoryJul 02, 2009 - 12:00 a.m.
Nagios vulnerability
2009-07-0200:00:00
ubuntu.com
38
Releases
- Ubuntu 9.04
- Ubuntu 8.10
- Ubuntu 8.04
Packages
- nagios2 -
- nagios3 -
Details
It was discovered that Nagios did not properly parse certain commands
submitted using the WAP web interface. An authenticated user could exploit
this flaw and execute arbitrary programs on the server.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 9.04 | noarch | nagios3 | < 3.0.6-2ubuntu1.1 | UNKNOWN |
| Ubuntu | 9.04 | noarch | nagios3-dbg | < 3.0.6-2ubuntu1.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | nagios3 | < 3.0.2-1ubuntu1.2 | UNKNOWN |
| Ubuntu | 8.10 | noarch | nagios3-dbg | < 3.0.2-1ubuntu1.2 | UNKNOWN |
| Ubuntu | 8.04 | noarch | nagios2 | < 2.11-1ubuntu1.5 | UNKNOWN |
| Ubuntu | 8.04 | noarch | nagios2-dbg | < 2.11-1ubuntu1.5 | UNKNOWN |
References
Related
checkpoint_advisories
checkpoint_advisories
Nagios statuswml.cgi Command Execution (CVE-2009-2288)
2013-12-02 00:00:00
nessus
nessus
Debian DSA-1825-1 : nagios2, nagios3 - insufficient input validation
2010-02-24 00:00:00
SuSE 11 Security Update : nagios (SAT Patch Number 1105)
2009-09-24 00:00:00
openSUSE Security Update : nagios (nagios-1102)
2009-07-31 00:00:00
openvas
openvas
Ubuntu USN-795-1 (nagios3)
2009-07-06 00:00:00
Ubuntu: Security Advisory (USN-795-1)
2009-07-06 00:00:00
Debian: Security Advisory (DSA-1825-1)
2009-07-06 00:00:00
packetstorm
packetstorm
Nagios3 statuswml.cgi Ping Command Execution
2009-10-30 00:00:00
saint
saint
Nagios statuswml.cgi Command Injection
2010-04-13 00:00:00
Nagios statuswml.cgi Command Injection
2010-04-13 00:00:00
Nagios statuswml.cgi Command Injection
2010-04-13 00:00:00
freebsd
freebsd
nagios -- Command Injection Vulnerability
2009-05-29 00:00:00
canvas
canvas
Immunity Canvas: NAGIOS_PING
2009-07-01 13:00:00
dsquare
dsquare
Nagios 3.1.0 RCE
2012-01-30 00:00:00
ubuntucve
ubuntucve
CVE-2009-2288
2009-07-01 00:00:00
debian
debian
securityvulns
securityvulns
[USN-795-1] Nagios vulnerability
2009-07-03 00:00:00
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2009-07-03 00:00:00
HP Insight Control for Linux multiple security vulnerabilities
2010-03-31 00:00:00
cvelist
cvelist
CVE-2009-2288
2009-07-01 12:26:00
prion
prion
Code injection
2009-07-01 13:00:00
cve
cve
CVE-2009-2288
2009-07-01 13:00:00
gentoo
gentoo
Nagios: Execution of arbitrary code
2009-07-19 00:00:00