oss-sec mailing list archives
Re: nagios: remote code execution
From: "Steven M. Christey" <coley () linus mitre org>
Date: Tue, 7 Jul 2009 16:54:53 -0400 (EDT)
====================================================== Name: CVE-2009-2288 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2288 Reference: CONFIRM:http://tracker.nagios.org/view.php?id=15 Reference: CONFIRM:http://www.nagios.org/development/history/core-3x/ Reference: SECUNIA:35543 Reference: URL:http://secunia.com/advisories/35543 statuswml.cgi in Nagios before 3.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) ping or (2) Traceroute parameters.
Current thread:
- Re: nagios: remote code execution Steven M. Christey (Jul 07)