oss-sec mailing list archives
Re: Re-emergence of CVE-2008-4796 in Nagios current
From: David Jorm <djorm () redhat com>
Date: Tue, 30 Apr 2013 19:28:28 -0400 (EDT)
CVE-2008-4796 snoopy: command execution via shell metacharacters Was found in Nagios core by Grant Murphy. Filed upstream: http://tracker.nagios.org/view.php?id=449 We really need to start thinking about ways to find vulnerable copies of code and fixing them everywhere people have embedded them.
Debian uses clonewise: https://github.com/silviocesare/Clonewise It is the best solution I've seen so far. It's been on my TODO list forever and a day to get it running for Fedora. David
Current thread:
- Re-emergence of CVE-2008-4796 in Nagios current Kurt Seifried (Apr 30)
- Re: Re-emergence of CVE-2008-4796 in Nagios current David Jorm (Apr 30)
- Re: Re-emergence of CVE-2008-4796 in Nagios current Michael Gilbert (May 03)
- Re: Re-emergence of CVE-2008-4796 in Nagios current David Jorm (Apr 30)