About Nagios3 and arbitrary code execution
Daniel Bareiro
daniel-listas at gmx.net
Thu Jul 9 19:21:16 CEST 2009
On Wednesday, 08 July 2009 11:42:15 +0100,
Ton Voon wrote:
> On 8 Jul 2009, at 10:44, Daniel Bareiro wrote:
>
> > According to I see in changelog of the version 3.1.1, it
> > incorporates a security fix for statuswml.cgi where arbitrary shell
> > injection was possible. Somebody could confirm to me that this
> > vulnerability is the same that is mentioned in the DSA?
> Yes it is.
Perfect. Thanks for your reply, Ton.
Regards,
Daniel
--
Fingerprint: BFB3 08D6 B4D1 31B2 72B9 29CE 6696 BF1B 14E6 1D37
Powered by Debian GNU/Linux Squeeze - Linux user #188.598
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <https://www.monitoring-lists.org/archive/users/attachments/20090709/130400fe/attachment.sig>
-------------- next part --------------
------------------------------------------------------------------------------
Enter the BlackBerry Developer Challenge
This is your chance to win up to $100,000 in prizes! For a limited time,
vendors submitting new applications to BlackBerry App World(TM) will have
the opportunity to enter the BlackBerry Developer Challenge. See full prize
details at: http://p.sf.net/sfu/Challenge
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list