28 matches found
Nagios3 statuswml.cgi Ping Command Execution
No description provided by source. $Id: nagios3statuswmlping.rb 9829 2010-07-14 18:23:47Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...
Nagios statuswml.cgi Command Injection
Added: 04/13/2010 CVE: CVE-2009-2288 BID: 35464 OSVDB: 55281 Background Nagios is a network host and service monitoring and management system. Problem The Nagios statuswml.cgi script passes unsanitized data to the ping and traceroute commands, resulting in shell command execution via...
Nagios statuswml.cgi Command Injection
Added: 04/13/2010 CVE: CVE-2009-2288 BID: 35464 OSVDB: 55281 Background Nagios is a network host and service monitoring and management system. Problem The Nagios statuswml.cgi script passes unsanitized data to the ping and traceroute commands, resulting in shell command execution via...
Nagios statuswml.cgi Command Injection
Added: 04/13/2010 CVE: CVE-2009-2288 BID: 35464 OSVDB: 55281 Background Nagios is a network host and service monitoring and management system. Problem The Nagios statuswml.cgi script passes unsanitized data to the ping and traceroute commands, resulting in shell command execution via...
Nagios statuswml.cgi Command Injection
Added: 04/13/2010 CVE: CVE-2009-2288 BID: 35464 OSVDB: 55281 Background Nagios is a network host and service monitoring and management system. Problem The Nagios statuswml.cgi script passes unsanitized data to the ping and traceroute commands, resulting in shell command execution via...
[security bulletin] HPSBMA02513 SSRT090110 rev.1 - Insight Control for Linux (IC-Linux) Remote Execution of Arbitrary Code, Local Unauthorized Elevation of Privilege
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02062621 Version: 1 HPSBMA02513 SSRT090110 rev.1 - Insight Control for Linux IC-Linux Remote Execution of Arbitrary Code, Local Unauthorized Elevation of Privilege NOTICE: The information in this...
Debian DSA-1825-1 : nagios2, nagios3 - insufficient input validation
It was discovered that the statuswml.cgi script of nagios, a monitoring and management system for hosts, services and networks, is prone to a command injection vulnerability. Input to the ping and traceroute parameters of the script is not properly validated which allows an attacker to execute...
Nagios3 statuswml.cgi Ping Command Execution
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Nagios3...
Nagios3 - 'statuswml.cgi' Command Injection (Metasploit)
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Nagios3...
SLES10: Security update for nagios
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: nagios nagios-www More details may also be found by searching for the SuSE Enterprise Server 10 patch database linked in the references...
openSUSE 10 Security Update : nagios (nagios-6355)
A shell injection bug in nagios' statuswml.cgi CGI script has been fixed. CVE-2009-2288 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update nagios-6355. The text...
SuSE 11 Security Update : nagios (SAT Patch Number 1105)
A shell injection bug in nagios' statuswml.cgi CGI script has been fixed. CVE-2009-2288 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is...
SuSE 10 Security Update : nagios (ZYPP Patch Number 6356)
A shell injection bug in nagios' statuswml.cgi CGI script has been fixed. CVE-2009-2288 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Mandrake Security Advisory MDVSA-2009:187 (nagios)
The remote host is missing an update to nagios announced via advisory MDVSA-2009:187. OpenVAS Vulnerability Test $Id: mdksa2009187.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:187 nagios Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft In...
Mandrake Security Advisory MDVSA-2009:187 (nagios)
The remote host is missing an update to nagios announced via advisory MDVSA-2009:187. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
openSUSE Security Update : nagios (nagios-1102)
A shell injection bug in nagios' statuswml.cgi CGI script has been fixed. CVE-2009-2288 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update nagios-1102. The text...
openSUSE Security Update : nagios (nagios-1102)
A shell injection bug in nagios' statuswml.cgi CGI script has been fixed. CVE-2009-2288 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update nagios-1102. The text...
Gentoo Security Advisory GLSA 200907-15 (nagios-core)
The remote host is missing updates announced in advisory GLSA 200907-15. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Nagios 'statuswml.cgi' Remote Arbitrary Shell Command Injection Vulnerability
Nagios is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data. Remote attackers can exploit this issue to execute arbitrary shell commands with the privileges of the user running the application. Note that for an exploit to succeed,...
Debian: Security Advisory (DSA-1825-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...