Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-1883-2
HistorySep 10, 2009 - 12:00 a.m.

nagios2 - regression fix

2009-09-1000:00:00
Google
osv.dev
11

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

67.9%

JSON

Several vulnerabilities have been found in nagios2, a host/service/network
monitoring and management system. The Common Vulnerabilities and
Exposures project identifies the following problems:

Several cross-site scripting issues via several parameters were
discovered in the CGI scripts, allowing attackers to inject arbitrary
HTML code. In order to cover the different attack vectors, these issues
have been assigned CVE-2007-5624, CVE-2007-5803 and CVE-2008-1360.

For the oldstable distribution (etch), these problems have been fixed in
version 2.6-2+etch4.

The stable distribution (lenny) does not include nagios2, and nagios3 is
not affected by these problems.

The testing distribution (squeeze) and the unstable distribution (sid)
do not contain nagios2, and nagios3 is not affected by these problems.

We recommend that you upgrade your nagios2 packages.

Related

openvas 15
nessus 6
cve 3
prion 3
debian 2
osv 1
ubuntucve 3
redhatcve 1
fedora 2
freebsd 1
openvas
openvas
FreeBSD Ports: nagios
2008-09-04 00:00:00
Mandrake Security Advisory MDVSA-2009:054 (nagios)
2009-03-02 00:00:00
SLES10: Security update for nagios
2009-10-13 00:00:00
nessus
nessus
openSUSE 10 Security Update : nagios (nagios-5168)
2008-05-01 00:00:00
Debian DSA-1883-1 : nagios2 - missing input sanitising
2010-02-24 00:00:00
SuSE 10 Security Update : nagios (ZYPP Patch Number 5165)
2008-05-01 00:00:00
cve
cve
CVE-2007-5803
2008-05-13 23:20:00
CVE-2008-1360
2008-03-17 17:44:00
CVE-2007-5624
2007-10-23 16:46:00
prion
prion
Cross site scripting
2008-05-13 23:20:00
Cross site scripting
2008-03-17 17:44:00
Cross site scripting
2007-10-23 16:46:00
debian
debian
[SECURITY] [DSA 1883-2] New nagios2 packages fix regression
2009-09-14 14:51:20
[SECURITY] [DSA 1883-1] New nagios2 packages fix several cross-site scriptings
2009-09-10 04:00:22
osv
osv
nagios2 - several cross-site scriptings
2009-09-10 00:00:00
ubuntucve
ubuntucve
CVE-2007-5803
2008-05-13 00:00:00
CVE-2008-1360
2008-03-17 00:00:00
CVE-2007-5624
2007-10-23 00:00:00
redhatcve
redhatcve
CVE-2008-1360
2019-10-04 21:58:12
fedora
fedora
[SECURITY] Fedora 7 Update: nagios-2.10-3.fc7
2007-12-07 18:12:31
[SECURITY] Fedora 8 Update: nagios-2.10-5.fc8
2007-12-07 18:23:12
freebsd
freebsd
Nagios -- Cross Site Scripting Vulnerability
2008-05-20 00:00:00

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

67.9%

JSON
Related for OSV:DSA-1883-2
openvas15nessus6cve3prion3debian2osv1ubuntucve3redhatcve1fedora2freebsd1