USN-3253-1: Nagios vulnerabilities

🗓️ 03 Apr 2017 17:42:28Reported by UbuntuType

ubuntu

ubuntu🔗 ubuntu.com👁 63 Views

Nagios vulnerabilities in Ubuntu 16.10, 16.04 ESM, and 14.04 ESM due to long strings and symlink handlin

Reporter	Title	Published	Views	Family All 155
IBM Security Bulletins	Security Bulletin: Vulnerabilities in nagios affect PowerKVM	18 Jun 201801:33	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in nagios affect PowerKVM	18 Jun 201801:38	–	ibm
0day.today	Nagios 4.2.4 - Privilege Escalation Exploit	16 Dec 201600:00	–	zdt
0day.today	Nagios 4.2.2 - Arbitrary Code Execution Exploit	16 Dec 201600:00	–	zdt
Amazon	Important: nagios	3 Oct 201700:00	–	amazon
Tenable Nessus	Amazon Linux AMI : nagios (ALAS-2017-899)	4 Oct 201700:00	–	nessus
Tenable Nessus	Debian DLA-1615-1 : nagios3 security update	27 Dec 201800:00	–	nessus
Tenable Nessus	Debian DLA-461-1 : nagios3 security update	9 May 201600:00	–	nessus
Tenable Nessus	Debian DLA-60-1 : icinga security update	26 Mar 201500:00	–	nessus
Tenable Nessus	Debian DLA-751-1 : nagios3 security update	20 Dec 201600:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	14.04	any	nagios3	3.5.1-1ubuntu1.1	nagios3_3.5.1-1ubuntu1.1_any.deb
Ubuntu	16.04	any	nagios3	3.5.1.dfsg-2.1ubuntu1.1	nagios3_3.5.1.dfsg-2.1ubuntu1.1_any.deb
Ubuntu	16.10	any	nagios3-cgi	3.5.1.dfsg-2.1ubuntu3.1	nagios3-cgi_3.5.1.dfsg-2.1ubuntu3.1_any.deb

03 Apr 2017 17:42Current

7.3High risk

Vulners AI Score7.3

CVSS 27.2

CVSS 37.8

EPSS0.48577

nagios ubuntu vulnerabilities long strings symlink handling denial of service sensitive information