USN-795-1: Nagios vulnerability

07-02-2009

Registered User

26,240, 27

Join Date: Sep 2000

Last Activity: 1 August 2008, 3:09 PM EDT

Posts: 26,240

Thanks Given: 0

Thanked 27 Times in 26 Posts

USN-795-1: Nagios vulnerability

Referenced CVEs:
CVE-2009-2288

Description:
=========================================================== Ubuntu Security Notice USN-795-1 July 02, 2009 nagios2, nagios3 vulnerability CVE-2009-2288 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: nagios2 2.11-1ubuntu1.5 Ubuntu 8.10: nagios3 3.0.2-1ubuntu1.2 Ubuntu 9.04: nagios3 3.0.6-2ubuntu1.1 After a standard system upgrade you need to restart Nagios to effect the necessary changes. Details follow: It was discovered that Nagios did not properly parse certain commands submitted using the WAP web interface. An authenticated user could exploit this flaw and execute arbitrary programs on the server.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

Nagios::Plugin::Config(3pm) User Contributed Perl Documentation Nagios::Plugin::Config(3pm) NAME
Nagios::Plugin::Config - read nagios plugin .ini style config files SYNOPSIS
# Read given nagios plugin config file $Config = Nagios::Plugin::Config->read( '/etc/nagios/plugins.ini' ); # Search for and read default nagios plugin config file $Config = Nagios::Plugin::Config->read(); # Access sections and properties (returns scalars or arrayrefs) $rootproperty = $Config->{_}->{rootproperty}; $one = $Config->{section}->{one}; $Foo = $Config->{section}->{Foo}; DESCRIPTION
Nagios::Plugin::Config is a subclass of the excellent Config::Tiny, with the following changes: o Repeated keys are allowed within sections, returning lists instead of scalars o Write functionality has been removed i.e. access is read only o Nagios::Plugin::Config searches for a default nagios plugins file if no explicit filename is given to "read()". The current standard locations checked are: /etc/nagios/plugins.ini /usr/local/nagios/etc/plugins.ini /usr/local/etc/nagios /etc/opt/nagios/plugins.ini /etc/nagios-plugins.ini /usr/local/etc/nagios-plugins.ini /etc/opt/nagios-plugins.ini To use a custom location, set a "NAGIOS_CONFIG_PATH" environment variable to the set of directories that should be checked. The first "plugins.ini" or "nagios-plugins.ini" file found will be used. SEE ALSO
Config::Tiny, Nagios::Plugin AUTHORS
This code is maintained by the Nagios Plugin Development Team: <http://nagiosplug.sourceforge.net>. COPYRIGHT and LICENCE Copyright (C) 2006-2007 by Nagios Plugin Development Team This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself. perl v5.14.2 2010-12-03 Nagios::Plugin::Config(3pm)

Infrastructure Monitoring

USN-795-1: Nagios vulnerability

LEARN ABOUT DEBIAN

nagios::plugin::config