Search CVE reports
1 – 10 of 12 results
CVE-2013-2029
Medium prioritynagios.upgrade_to_v3.sh, as distributed by Red Hat and possibly others for Nagios Core 3.4.4, 3.5.1, and earlier, allows local users to overwrite arbitrary files via a symlink attack on a temporary nagioscfg file with...
3 affected packages
icinga, nagios2, nagios3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
icinga | — | — | — | — | — |
nagios2 | — | — | — | — | — |
nagios3 | — | — | — | — | — |
CVE-2011-2179
Medium prioritySome fixes available 1 of 12
Multiple cross-site scripting (XSS) vulnerabilities in config.c in config.cgi in (1) Nagios 3.2.3 and (2) Icinga before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the expand parameter, as demonstrated...
3 affected packages
icinga, nagios2, nagios3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
icinga | — | — | — | Not affected | Not affected |
nagios2 | — | — | — | Not in release | Not in release |
nagios3 | — | — | — | Not affected | Not affected |
CVE-2011-1523
Medium prioritySome fixes available 3 of 18
Cross-site scripting (XSS) vulnerability in statusmap.c in statusmap.cgi in Nagios 3.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the layer parameter.
4 affected packages
icinga, nagios, nagios2, nagios3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
icinga | — | — | — | Not affected | Not affected |
nagios | — | — | — | Not in release | Not in release |
nagios2 | — | — | — | Not in release | Not in release |
nagios3 | — | — | — | Not affected | Not affected |
CVE-2009-2288
Medium prioritystatuswml.cgi in Nagios before 3.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) ping or (2) Traceroute parameters.
3 affected packages
nagios, nagios2, nagios3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nagios | — | — | — | — | — |
nagios2 | — | — | — | — | — |
nagios3 | — | — | — | — | — |
CVE-2008-6373
Medium priorityUnspecified vulnerability in Nagios before 3.0.6 has unspecified impact and remote attack vectors related to CGI programs, "adaptive external commands," and "writing newlines and submitting service comments."
3 affected packages
nagios, nagios2, nagios3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nagios | — | — | — | — | — |
nagios2 | — | — | — | — | — |
nagios3 | — | — | — | — | — |
CVE-2008-5028
Medium prioritySome fixes available 2 of 3
Cross-site request forgery (CSRF) vulnerability in cmd.cgi in (1) Nagios 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote attackers to send commands to the Nagios process, and trigger execution of arbitrary programs by this...
3 affected packages
nagios, nagios2, nagios3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nagios | — | — | — | — | — |
nagios2 | — | — | — | — | — |
nagios3 | — | — | — | — | — |
CVE-2008-5027
Medium prioritySome fixes available 3 of 5
The Nagios process in (1) Nagios before 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote authenticated users to bypass authorization checks, and trigger execution of arbitrary programs by this process, via an (a) custom form...
3 affected packages
nagios, nagios2, nagios3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nagios | — | — | — | — | — |
nagios2 | — | — | — | — | — |
nagios3 | — | — | — | — | — |
CVE-2007-5803
Low prioritySome fixes available 2 of 4
Multiple cross-site scripting (XSS) vulnerabilities in CGI programs in Nagios before 2.12 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-5624 and CVE-2008-1360.
2 affected packages
nagios2, nagios3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nagios2 | — | — | — | — | — |
nagios3 | — | — | — | — | — |
CVE-2008-1360
Low prioritySome fixes available 1 of 4
Cross-site scripting (XSS) vulnerability in Nagios before 2.11 allows remote attackers to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts, a different issue than CVE-2007-5624.
1 affected packages
nagios2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nagios2 | — | — | — | — | — |
CVE-2007-5624
Low prioritySome fixes available 1 of 3
Cross-site scripting (XSS) vulnerability in Nagios 2.x before 2.10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts.
2 affected packages
nagios2, nagios3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nagios2 | — | — | — | — | — |
nagios3 | — | — | — | — | — |