About Nagios3 and arbitrary code execution

Ton Voon ton.voon at opsera.com
Wed Jul 8 12:42:15 CEST 2009


On 8 Jul 2009, at 10:44, Daniel Bareiro wrote:

> According to I see in changelog of the version 3.1.1, it  
> incorporates a
> security fix for statuswml.cgi where arbitrary shell injection was
> possible. Somebody could confirm to me that this vulnerability is the
> same that is mentioned in the DSA?

Yes it is.

Ton


------------------------------------------------------------------------------
Enter the BlackBerry Developer Challenge  
This is your chance to win up to $100,000 in prizes! For a limited time, 
vendors submitting new applications to BlackBerry App World(TM) will have
the opportunity to enter the BlackBerry Developer Challenge. See full prize  
details at: http://p.sf.net/sfu/Challenge
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list