Lucene search
K

28 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Nagios3 statuswml.cgi Ping Command Execution

No description provided by source. $Id: nagios3statuswmlping.rb 9829 2010-07-14 18:23:47Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...

7.1AI score
Exploits0
Saint
Saint
added 2010/04/13 12:0 a.m.75 views

Nagios statuswml.cgi Command Injection

Added: 04/13/2010 CVE: CVE-2009-2288 BID: 35464 OSVDB: 55281 Background Nagios is a network host and service monitoring and management system. Problem The Nagios statuswml.cgi script passes unsanitized data to the ping and traceroute commands, resulting in shell command execution via...

7.5CVSS7.8AI score0.83453EPSS
Exploits14
Saint
Saint
added 2010/04/13 12:0 a.m.35 views

Nagios statuswml.cgi Command Injection

Added: 04/13/2010 CVE: CVE-2009-2288 BID: 35464 OSVDB: 55281 Background Nagios is a network host and service monitoring and management system. Problem The Nagios statuswml.cgi script passes unsanitized data to the ping and traceroute commands, resulting in shell command execution via...

7.5CVSS7.8AI score0.83453EPSS
Exploits14
Saint
Saint
added 2010/04/13 12:0 a.m.39 views

Nagios statuswml.cgi Command Injection

Added: 04/13/2010 CVE: CVE-2009-2288 BID: 35464 OSVDB: 55281 Background Nagios is a network host and service monitoring and management system. Problem The Nagios statuswml.cgi script passes unsanitized data to the ping and traceroute commands, resulting in shell command execution via...

7.5CVSS7.8AI score0.83453EPSS
Exploits14
Saint
Saint
added 2010/04/13 12:0 a.m.54 views

Nagios statuswml.cgi Command Injection

Added: 04/13/2010 CVE: CVE-2009-2288 BID: 35464 OSVDB: 55281 Background Nagios is a network host and service monitoring and management system. Problem The Nagios statuswml.cgi script passes unsanitized data to the ping and traceroute commands, resulting in shell command execution via...

7.5CVSS7.8AI score0.83453EPSS
Exploits14
securityvulns
securityvulns
added 2010/03/31 12:0 a.m.61 views

[security bulletin] HPSBMA02513 SSRT090110 rev.1 - Insight Control for Linux (IC-Linux) Remote Execution of Arbitrary Code, Local Unauthorized Elevation of Privilege

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02062621 Version: 1 HPSBMA02513 SSRT090110 rev.1 - Insight Control for Linux IC-Linux Remote Execution of Arbitrary Code, Local Unauthorized Elevation of Privilege NOTICE: The information in this...

7.5CVSS0.7AI score0.83453EPSS
Exploits14
Tenable Nessus
Tenable Nessus
added 2010/02/24 12:0 a.m.38 views

Debian DSA-1825-1 : nagios2, nagios3 - insufficient input validation

It was discovered that the statuswml.cgi script of nagios, a monitoring and management system for hosts, services and networks, is prone to a command injection vulnerability. Input to the ping and traceroute parameters of the script is not properly validated which allows an attacker to execute...

7.5CVSS6AI score0.83453EPSS
Exploits14References2
Packet Storm
Packet Storm
added 2009/10/30 12:0 a.m.59 views

Nagios3 statuswml.cgi Ping Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Nagios3...

7.5CVSS0.83453EPSS
Exploits14
Exploit DB
Exploit DB
added 2009/10/30 12:0 a.m.39 views

Nagios3 - 'statuswml.cgi' Command Injection (Metasploit)

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Nagios3...

7.5CVSS6.7AI score0.83453EPSS
Exploits14
OpenVAS
OpenVAS
added 2009/10/13 12:0 a.m.29 views

SLES10: Security update for nagios

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: nagios nagios-www More details may also be found by searching for the SuSE Enterprise Server 10 patch database linked in the references...

7.5CVSS7.5AI score0.83453EPSS
Exploits14References1
Tenable Nessus
Tenable Nessus
added 2009/10/06 12:0 a.m.42 views

openSUSE 10 Security Update : nagios (nagios-6355)

A shell injection bug in nagios' statuswml.cgi CGI script has been fixed. CVE-2009-2288 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update nagios-6355. The text...

7.5CVSS5.2AI score0.83453EPSS
Exploits14References1
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.39 views

SuSE 11 Security Update : nagios (SAT Patch Number 1105)

A shell injection bug in nagios' statuswml.cgi CGI script has been fixed. CVE-2009-2288 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is...

7.5CVSS5.2AI score0.83453EPSS
Exploits14References3
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.36 views

SuSE 10 Security Update : nagios (ZYPP Patch Number 6356)

A shell injection bug in nagios' statuswml.cgi CGI script has been fixed. CVE-2009-2288 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

7.5CVSS5.2AI score0.83453EPSS
Exploits14References2
OpenVAS
OpenVAS
added 2009/08/17 12:0 a.m.25 views

Mandrake Security Advisory MDVSA-2009:187 (nagios)

The remote host is missing an update to nagios announced via advisory MDVSA-2009:187. OpenVAS Vulnerability Test $Id: mdksa2009187.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:187 nagios Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft In...

7.5CVSS0.7AI score0.83453EPSS
Exploits14
OpenVAS
OpenVAS
added 2009/08/17 12:0 a.m.22 views

Mandrake Security Advisory MDVSA-2009:187 (nagios)

The remote host is missing an update to nagios announced via advisory MDVSA-2009:187. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

7.5CVSS7.5AI score0.83453EPSS
Exploits14References1
Tenable Nessus
Tenable Nessus
added 2009/07/31 12:0 a.m.36 views

openSUSE Security Update : nagios (nagios-1102)

A shell injection bug in nagios' statuswml.cgi CGI script has been fixed. CVE-2009-2288 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update nagios-1102. The text...

7.5CVSS5.2AI score0.83453EPSS
Exploits14References2
Tenable Nessus
Tenable Nessus
added 2009/07/31 12:0 a.m.41 views

openSUSE Security Update : nagios (nagios-1102)

A shell injection bug in nagios' statuswml.cgi CGI script has been fixed. CVE-2009-2288 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update nagios-1102. The text...

7.5CVSS5.2AI score0.83453EPSS
Exploits14References2
OpenVAS
OpenVAS
added 2009/07/29 12:0 a.m.32 views

Gentoo Security Advisory GLSA 200907-15 (nagios-core)

The remote host is missing updates announced in advisory GLSA 200907-15. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

7.5CVSS0.6AI score0.83453EPSS
Exploits14
OpenVAS
OpenVAS
added 2009/07/08 12:0 a.m.29 views

Nagios 'statuswml.cgi' Remote Arbitrary Shell Command Injection Vulnerability

Nagios is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data. Remote attackers can exploit this issue to execute arbitrary shell commands with the privileges of the user running the application. Note that for an exploit to succeed,...

7.5CVSS7.4AI score0.83453EPSS
Exploits14References1
OpenVAS
OpenVAS
added 2009/07/06 12:0 a.m.32 views

Debian: Security Advisory (DSA-1825-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.83453EPSS
Exploits14References3
Rows per page
Query Builder