Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseOPENSUSE-SU-2017:0146-1
HistoryJan 16, 2017 - 7:14 p.m.

Security update for icinga (important)

2017-01-1619:14:55
lists.opensuse.org
35

0.929 High

EPSS

Percentile

99.0%

JSON

This update for icinga includes various upstream fixes and the following
security security fixes:

 - icinga was updated to version 1.14.0
 - the classic-UI was vulnerable to a cross site scripting attack
   (CVE-2015-8010, boo#952777)
 - A user with nagios privileges could have gained root privileges by
   placing a symbolic link at the logfile location (CVE-2016-9566,
   boo#1014637)
OSVersionArchitecturePackageVersionFilename
openSUSE Leap42.1i586icinga-idoutils-mysql< 1.14.0-3.1icinga-idoutils-mysql-1.14.0-3.1.i586.rpm
openSUSE Leap42.1x86_64icinga-plugins-eventhandlers< 1.14.0-3.1icinga-plugins-eventhandlers-1.14.0-3.1.x86_64.rpm
openSUSE Leap42.1i586icinga-idoutils< 1.14.0-3.1icinga-idoutils-1.14.0-3.1.i586.rpm
openSUSE Leap42.2x86_64icinga-idoutils-mysql< 1.14.0-4.1icinga-idoutils-mysql-1.14.0-4.1.x86_64.rpm
openSUSE Leap42.2x86_64monitoring-tools< 1.14.0-4.1monitoring-tools-1.14.0-4.1.x86_64.rpm
openSUSE Leap42.1i586icinga-doc< 1.14.0-3.1icinga-doc-1.14.0-3.1.i586.rpm
openSUSE Leap42.1i586monitoring-tools< 1.14.0-3.1monitoring-tools-1.14.0-3.1.i586.rpm
openSUSE Leap42.1i586icinga-devel< 1.14.0-3.1icinga-devel-1.14.0-3.1.i586.rpm
openSUSE Leap42.1i586monitoring-tools-debuginfo< 1.14.0-3.1monitoring-tools-debuginfo-1.14.0-3.1.i586.rpm
openSUSE Leap42.2x86_64icinga-idoutils-pgsql< 1.14.0-4.1icinga-idoutils-pgsql-1.14.0-4.1.x86_64.rpm
Rows per page:
1-10 of 511

Related

openvas 11
nessus 14
debiancve 2
cve 2
prion 2
ubuntucve 2
cvelist 2
nvd 2
zdt 1
redhatcve 1
veracode 1
gentoo 3
exploitpack 2
mageia 1
debian 2
redhat 6
osv 2
seebug 1
exploitdb 2
threatpost 1
packetstorm 1
suse 1
ubuntu 2
fedora 1
amazon 1
openvas
openvas
openSUSE: Security Advisory for icinga (openSUSE-SU-2017:0146-1)
2017-01-17 00:00:00
Icinga XSS Vulnerability
2017-03-31 00:00:00
Nagios Privilege Escalation Vulnerability
2016-12-15 00:00:00
nessus
nessus
openSUSE Security Update : icinga (openSUSE-2017-100)
2017-01-17 00:00:00
GLSA-201612-51 : Icinga: Privilege escalation
2017-01-03 00:00:00
Debian DLA-751-1 : nagios3 security update
2016-12-20 00:00:00
debiancve
debiancve
CVE-2015-8010
2017-03-27 17:59:00
CVE-2016-9566
2016-12-15 22:59:00
cve
cve
CVE-2015-8010
2017-03-27 17:59:00
CVE-2016-9566
2016-12-15 22:59:00
prion
prion
Cross site scripting
2017-03-27 17:59:00
Design/Logic Flaw
2016-12-15 22:59:00
ubuntucve
ubuntucve
CVE-2015-8010
2017-03-27 00:00:00
CVE-2016-9566
2016-12-15 00:00:00
cvelist
cvelist
CVE-2015-8010
2017-03-27 17:00:00
CVE-2016-9566
2016-12-15 22:00:00
nvd
nvd
CVE-2015-8010
2017-03-27 17:59:00
CVE-2016-9566
2016-12-15 22:59:00
zdt
zdt
Nagios 4.2.4 - Privilege Escalation Exploit
2016-12-16 00:00:00
redhatcve
redhatcve
CVE-2016-9566
2016-12-08 14:17:24
veracode
veracode
Privilege Escalation
2019-05-02 06:09:53
gentoo
gentoo
Icinga: Privilege escalation
2016-12-31 00:00:00
Nagios: Multiple vulnerabilities
2017-10-18 00:00:00
Nagios: Multiple vulnerabilities
2017-02-21 00:00:00
exploitpack
exploitpack
Nagios 4.2.4 - Local Privilege Escalation
2016-12-15 00:00:00
Nagios 4.2.2 - Arbitrary Code Execution
2016-12-15 00:00:00
mageia
mageia
Updated nagios packages fix security vulnerabilities
2017-02-12 02:47:14
debian
debian
[SECURITY] [DLA 751-1] nagios3 security update
2016-12-17 01:28:58
[SECURITY] [DLA 1615-1] nagios3 security update
2018-12-24 18:11:01
redhat
redhat
(RHSA-2017:0258) Important: nagios security update
2017-02-07 11:08:21
(RHSA-2017:0259) Important: nagios security update
2017-02-07 11:08:27
(RHSA-2017:0214) Important: nagios security update
2017-01-31 05:22:54
osv
osv
nagios3 - security update
2016-12-17 00:00:00
nagios3 - security update
2018-12-24 00:00:00
seebug
seebug
Nagios Core < 4.2.4 - Root Privilege Escalation (CVE-2016-9566)
2016-12-16 00:00:00
exploitdb
exploitdb
Nagios &lt; 4.2.2 - Arbitrary Code Execution
2016-12-15 00:00:00
Nagios &lt; 4.2.4 - Local Privilege Escalation
2016-12-15 00:00:00
threatpost
threatpost
Nagios Core Patches Root, RCE Vulnerabilities
2016-12-16 11:00:13
packetstorm
packetstorm
Nagios Core Curl Command Injection / Code Execution
2016-12-15 00:00:00
suse
suse
Security update for icinga (moderate)
2018-10-19 18:40:08
ubuntu
ubuntu
Nagios regression
2017-06-07 00:00:00
Nagios vulnerabilities
2017-04-03 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: nagios-4.3.4-3.fc27
2017-11-15 17:56:42
amazon
amazon
Important: nagios
2017-10-03 11:00:00

0.929 High

EPSS

Percentile

99.0%

JSON
Related for OPENSUSE-SU-2017:0146-1
openvas11nessus14debiancve2cve2prion2ubuntucve2cvelist2nvd2zdt1redhatcve1veracode1gentoo3exploitpack2mageia1debian2redhat6osv2seebug1exploitdb2threatpost1packetstorm1suse1ubuntu2fedora1amazon1