CVE-2008-5027
CVE-2008-5027
The Nagios process in (1) Nagios before 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote authenticated users to bypass authorization checks, and trigger execution of arbitrary programs by this process, via an (a) custom form or a (b) browser addon.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://marc.info/?l=bugtraq&m=124156641928637&w=2http://secunia.com/advisories/33320http://secunia.com/advisories/35002http://security.gentoo.org/glsa/glsa-200907-15.xmlhttp://sourceforge.net/mailarchive/forum.php?thread_name=4914396D.5010009%40op5.se&forum_name=nagios-develhttps://www.ubuntu.com/usn/USN-698-3/http://www.nagios.org/development/history/nagios-3x.phphttp://www.op5.com/support/news/389-important-security-fix-available-for-op5-monitorhttp://www.openwall.com/lists/oss-security/2008/11/06/2http://www.securityfocus.com/bid/32156http://www.securitytracker.com/id?1022165http://www.ubuntu.com/usn/USN-698-1