Login or Register to Ask a Question and Join Our Community


Infrastructure Monitoring

USN-795-1: Nagios vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums UNIX and Linux Applications Infrastructure Monitoring USN-795-1: Nagios vulnerability
# 1  
Old 07-02-2009
USN-795-1: Nagios vulnerability
Referenced CVEs:
CVE-2009-2288


Description:
=========================================================== Ubuntu Security Notice USN-795-1 July 02, 2009 nagios2, nagios3 vulnerability CVE-2009-2288 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: nagios2 2.11-1ubuntu1.5 Ubuntu 8.10: nagios3 3.0.2-1ubuntu1.2 Ubuntu 9.04: nagios3 3.0.6-2ubuntu1.1 After a standard system upgrade you need to restart Nagios to effect the necessary changes. Details follow: It was discovered that Nagios did not properly parse certain commands submitted using the WAP web interface. An authenticated user could exploit this flaw and execute arbitrary programs on the server.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT SUSE

nagiosstats

nagiosstats(8)							      nagios							    nagiosstats(8)

NAME

       nagiosstats - report statistics information from the Nagios system

SYNOPSIS

       nagiosstats [-hVL] [-c config] [-m] [-d]

DESCRIPTION

       nagiosstats  is	a program designed to provide information on the running Nagios system.  It can provide a brief summary of information, or
       it can be used to export specific information about the Nagios system into an MRTG-compatible format.  For more information please  consult
       the Nagios online documentation available at http://www.nagios.org or the documentation available with your Nagios server's web page.

OPTIONS

       -c|--config=FILE
	      The main configuration file. On openSUSE systems this defaults to /etc/nagios/nagios.cfg

       -m|--mrtg
	      Print output in MRTG-compatible format. For more details run nagiosstats with --help

       -d|--data=VARS
	      Comma-seperated list of variables to output in MRTG format.  For more details run nagiosstats with --help.

       -h|--help
	      A helpful usage message

       -V|--version
	      Print version information

       -L|--license
	      Print license details

FILES

       /etc/nagios
	      Default configuration directory for Nagios

AUTHOR

       Nagios is written and maintained by Ethan Galstad <nagios@nagios.org>. This manual page was written by sean finney <seanius@debian.org> for
       the Debian GNU/Linux operating system (but it may be freely used, modified, and redistributed by others) and adapted for openSUSE  by  Lars
       Vogdt.

sean finney, Lars Vogdt 				      February 2006, May 2010						    nagiosstats(8)