24 matches found
Linux Distros Unpatched Vulnerability : CVE-2013-7108
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, and Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticate...
Debian: Security Advisory (DLA-60-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0010)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2014:0156-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-1615-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-1615-1 : nagios3 security update
Several issues were corrected in nagios3, a monitoring and management system for hosts, services and networks. CVE-2018-18245 Maximilian Boehner of usd AG found a cross-site scripting XSS vulnerability in Nagios Core. This vulnerability allows attackers to place malicious JavaScript code into the...
[SECURITY] [DLA 1615-1] nagios3 security update
Package : nagios3 Version : 3.5.1.dfsg-2+deb8u1 CVE ID : CVE-2013-7108 CVE-2013-7205 CVE-2014-1878 CVE-2016-9566 CVE-2018-18245 Debian Bug : 771466 823721 917138 Several issues were corrected in nagios3, a monitoring and management system for hosts, services and networks. CVE-2018-18245 Maximilia...
Security Bulletin: Vulnerabilities in nagios affect PowerKVM
Summary PowerKVM is affected by vulnerabilities in magios. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2017-14312 DESCRIPTION: Nagios Core could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the nagios.cfg. By...
Ubuntu 14.04 LTS / 16.04 LTS : Nagios regression (USN-3253-2)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3253-2 advisory. USN-3253-1 fixed vulnerabilities in Nagios. The update prevented log files from being displayed in the web interface. This update fixes the problem. W...
Ubuntu: Security Advisory (USN-3253-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS / 16.04 LTS : Nagios vulnerabilities (USN-3253-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3253-1 advisory. It was discovered that Nagios incorrectly handled certain long strings. A remote authenticated attacker could use this issue to cause Nagios ...
Ubuntu: Security Advisory (USN-3253-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-60-1 : icinga security update
Two fixes for the Classic UI : - fix off-by-one memory access in processcgivars CVE-2013-7108 - prevent possible buffer overflows in cmd.cgi CVE-2014-1878 NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to...
GLSA-201412-23 : Nagios: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201412-23 Nagios: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Nagios. Please review the CVE identifiers referenced below for details. Impact : A remote attacker may be able to execute arbitrary code,...
[SECURITY] [DLA 60-1] icinga security update
Package : icinga Version : 1.0.2-2+squeeze2 CVE ID : CVE-2013-7108 CVE-2014-1878 Two fixes for the Classic UI: - fix off-by-one memory access in processcgivars CVE-2013-7108 - prevent possible buffer overflows in cmd.cgi CVE-2014-1878...
DLA-60-1 icinga - security update
Bulletin has no description...
[SECURITY] [DSA 2956-1] icinga security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2956-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 11, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2956-1] icinga security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2956-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 11, 2014 http://www.debian.org/security/faq -...
Nagios core CGI Process_cgivars Off-By-One (CVE-2013-7108)
There exists an Off-By-One flaw in Nagios Core. The problem is caused by improper boundary check when validating the parameters passed to the application. A remote authenticated attacker could exploit this vulnerability by sending a request with a crafted long parameter value resulting in the CGI...
SuSE 11.2 / 11.3 Security Update : nagios (SAT Patch Numbers 8726 / 8727)
This update fixes a DoS vulnerability in processcgivars of the nagios package. CVE-2013-7108 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself...