Nagios XI Network Monitor 2011R1.9 SQL Injection Vulnerability

Nagios XI Network Monitor version 2011R1.9 suffers from a remote blind SQL injection vulnerability. ======= Summary ======= Name: Nagios XI Network Monitor - Blind SQL Injection Release Date: 30 November 2012 Reference: NGS00194 Discoverer: Daniel Compton Vendor: Nagios Vendor Reference: 0000282...

CVE-2012-5824

CVE-2012-5824 affects Trillian 5.1.0.19: it does not verify the server hostname against the certificate's CN or subjectAltName, enabling MITM via an arbitrary valid certificate. CVSSv2 base score 5.8 (Medium). No fix/version details are provided in the supplied documents.