Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-698-1: Nagios vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-698-1: Nagios vulnerability
# 1  
Old 12-22-2008
USN-698-1: Nagios vulnerability
Referenced CVEs:
CVE-2008-5027


Description:
=========================================================== Ubuntu Security Notice USN-698-1 December 22, 2008 nagios vulnerability CVE-2008-5027 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: nagios-common 2:1.3-cvs.20050402-8ubuntu8 After a standard system upgrade you need to restart Nagios to effect the necessary changes. Details follow: It was discovered that Nagios did not properly parse commands submitted using the web interface. An authenticated user could use a custom form or a browser addon to bypass security restrictions and submit unauthorized commands.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread

1 More Discussions You Might Find Interesting

1. Infrastructure Monitoring

USN-795-1: Nagios vulnerability

Referenced CVEs: CVE-2009-2288 Description: =========================================================== Ubuntu Security Notice USN-795-1 July 02, 2009 nagios2, nagios3... (0 Replies)
Discussion started by: Linux Bot
0 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

nagios::plugin::config

Nagios::Plugin::Config(3pm)				User Contributed Perl Documentation			       Nagios::Plugin::Config(3pm)

NAME

       Nagios::Plugin::Config - read nagios plugin .ini style config files

SYNOPSIS

	   # Read given nagios plugin config file
	   $Config = Nagios::Plugin::Config->read( '/etc/nagios/plugins.ini' );

	   # Search for and read default nagios plugin config file
	   $Config = Nagios::Plugin::Config->read();

	   # Access sections and properties (returns scalars or arrayrefs)
	   $rootproperty =  $Config->{_}->{rootproperty};
	   $one = $Config->{section}->{one};
	   $Foo = $Config->{section}->{Foo};

DESCRIPTION

       Nagios::Plugin::Config is a subclass of the excellent Config::Tiny, with the following changes:

       o   Repeated keys are allowed within sections, returning lists instead of scalars

       o   Write functionality has been removed i.e. access is read only

       o   Nagios::Plugin::Config searches for a default nagios plugins file if no explicit filename is given to "read()". The current standard
	   locations checked are:

	   /etc/nagios/plugins.ini
	   /usr/local/nagios/etc/plugins.ini
	   /usr/local/etc/nagios /etc/opt/nagios/plugins.ini
	   /etc/nagios-plugins.ini
	   /usr/local/etc/nagios-plugins.ini
	   /etc/opt/nagios-plugins.ini

	   To use a custom location, set a "NAGIOS_CONFIG_PATH" environment variable to the set of directories that should be checked. The first
	   "plugins.ini" or "nagios-plugins.ini" file found will be used.

SEE ALSO

       Config::Tiny, Nagios::Plugin

AUTHORS

       This code is maintained by the Nagios Plugin Development Team: <http://nagiosplug.sourceforge.net>.

COPYRIGHT and LICENCE
       Copyright (C) 2006-2007 by Nagios Plugin Development Team

       This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

perl v5.14.2							    2010-12-03					       Nagios::Plugin::Config(3pm)