Login or Register to Ask a Question and Join Our Community


Infrastructure Monitoring

USN-795-1: Nagios vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums UNIX and Linux Applications Infrastructure Monitoring USN-795-1: Nagios vulnerability
# 1  
Old 07-02-2009
USN-795-1: Nagios vulnerability
Referenced CVEs:
CVE-2009-2288


Description:
=========================================================== Ubuntu Security Notice USN-795-1 July 02, 2009 nagios2, nagios3 vulnerability CVE-2009-2288 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: nagios2 2.11-1ubuntu1.5 Ubuntu 8.10: nagios3 3.0.2-1ubuntu1.2 Ubuntu 9.04: nagios3 3.0.6-2ubuntu1.1 After a standard system upgrade you need to restart Nagios to effect the necessary changes. Details follow: It was discovered that Nagios did not properly parse certain commands submitted using the WAP web interface. An authenticated user could exploit this flaw and execute arbitrary programs on the server.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

nagios3stats

nagios3stats(8) 						      nagios							   nagios3stats(8)

NAME

       nagios3stats - report statistics information from the nagios system

SYNOPSIS

       nagios3stats [-hVL] [-c config] [-m] [-d]

DESCRIPTION

       nagios3stats  Is a program designed to provide information on the running nagios system.  It can provide a brief summary of information, or
       it can be used to export specific information about the nagios system into an MRTG-compatible format.  For more information please  consult
       the nagios online documentation available at http://www.nagios.org or the documentation available with your nagios server's web page.

OPTIONS

       -c|--config=FILE
	      The main configuration file.  On debian systems this defaults to /etc/nagios3/nagios.cfg

       -m|--mrtg
	      Print output in MRTG-compatible format.  For more details run nagios3stats with --help

       -d|--data=VARS
	      Comma-seperated list of variables to output in MRTG format.  For more details run nagios3stats with --help.

       -h|--help
	      A helpful usage message

       -V|--version
	      Print version information

       -L|--license
	      Print license details

FILES

       /etc/nagios3
	      Default configuration directory for nagios3

AUTHOR

       nagios3	is  written and maintained by Ethan Galstad <nagios@nagios.org>.  This manual page was written by sean finney <seanius@debian.org>
       for the Debian GNU/Linux operating system (but it may be freely used, modified, and redistributed by others).

sean finney							   February 2006						   nagios3stats(8)