oss-sec mailing list archives

nagios: remote code execution

From: Tomas Hoger <thoger () redhat com>
Date: Mon, 29 Jun 2009 13:23:23 +0200

Hi!

Just in case you missed it - nagios 3.1.1 mentions:

# Security fix for statuswml.cgi where arbitrary shell injection was
possible 

( http://www.nagios.org/development/history/core-3x/ )

Further details in the upstream bug:

  http://tracker.nagios.org/view.php?id=15

-- 
Tomas Hoger / Red Hat Security Response Team

Current thread:

nagios: remote code execution Tomas Hoger (Jun 29)