Page 2 of 22 results (0.025 seconds)

CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0

The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists dues to an incomplete fix for CVE-2008-4796. La función _httpsrequest en Snoopy permite a atacantes remotos ejecutar comandos arbitrarios. NOTA: este problema existe debido a una solución incompleta para CVE-2008-4796. Various command-execution flaws were found in the Snoopy library included with Nagios. • http://snoopy.cvs.sourceforge.net/viewvc/snoopy/Snoopy/Snoopy.class.php?view=log#rev1.27 http://www.openwall.com/lists/oss-security/2014/07/09/11 http://www.openwall.com/lists/oss-security/2014/07/16/10 http://www.openwall.com/lists/oss-security/2014/07/18/2 http://www.securityfocus.com/bid/68776 https://bugzilla.redhat.com/show_bug.cgi?id=1121497 https://exchange.xforce.ibmcloud.com/vulnerabilities/94737 https://rhn.redhat.com/errata/RHSA-2017-0211.html https:/ • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 7.8EPSS: 92%CPEs: 1EXPL: 2

base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged by remote attackers using CVE-2016-9565. base/logging.c en Nagios Core en versiones anteriores a 4.2.4 permite a usuarios locales con acceso a una cuenta en el grupo nagios obtener privilegios a través de un ataque de symlink al archivo de inicio de sesión. NOTA: esto puede ser aprovechado por atacantes remotos usando CVE-2016-9565. A privilege escalation flaw was found in the way Nagios handled log files. An attacker able to control the Nagios logging configuration (the 'nagios' user/group) could use this flaw to elevate their privileges to root. • https://www.exploit-db.com/exploits/40921 http://rhn.redhat.com/errata/RHSA-2017-0211.html http://rhn.redhat.com/errata/RHSA-2017-0212.html http://rhn.redhat.com/errata/RHSA-2017-0213.html http://rhn.redhat.com/errata/RHSA-2017-0214.html http://rhn.redhat.com/errata/RHSA-2017-0258.html http://rhn.redhat.com/errata/RHSA-2017-0259.html http://seclists.org/fulldisclosure/2016/Dec/58 http://www.securityfocus.com/bid/94919 http://www.securitytracker.com/id/103748 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.8EPSS: 26%CPEs: 1EXPL: 3

MagpieRSS, as used in the front-end component in Nagios Core before 4.2.2 might allow remote attackers to read or write to arbitrary files by spoofing a crafted response from the Nagios RSS feed server. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4796. MagpieRSS, como es usado en el componente front-end en Nagios Core en versiones anteriores a 4.2.2 podría permitir a atacantes remotos leer o escribir archivos arbitrarios falsificando una respuesta manipulada del servidor de alimentación Nagios RSS. NOTA: esta vulnerabilidad existe debido a una incompleta reparación de CVE-2008-4796. It was found that an attacker who could control the content of an RSS feed could execute code remotely using the Nagios web interface. • https://www.exploit-db.com/exploits/40920 http://packetstormsecurity.com/files/140169/Nagios-Core-Curl-Command-Injection-Code-Execution.html http://rhn.redhat.com/errata/RHSA-2017-0211.html http://rhn.redhat.com/errata/RHSA-2017-0212.html http://rhn.redhat.com/errata/RHSA-2017-0213.html http://rhn.redhat.com/errata/RHSA-2017-0214.html http://rhn.redhat.com/errata/RHSA-2017-0258.html http://rhn.redhat.com/errata/RHSA-2017-0259.html http://seclists.org/fulldisclosure/2016/ • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-284: Improper Access Control •

CVSS: 5.0EPSS: 4%CPEs: 20EXPL: 0

Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and earlier, and Icinga before 1.8.6, 1.9 before 1.9.5, and 1.10 before 1.10.3 allows remote attackers to cause a denial of service (segmentation fault) via a long message to cmd.cgi. Desbordamiento de buffer basado en pila en la función cmd_submitf en cgi/cmd.c en Nagios Core, posiblemente 4.0.3rc1 y anteriores e Icinga anterior a 1.8.6, 1.9 anterior a 1.9.5 y 1.10 anterior a 1.10.3 permite a atacantes remotos causar una denegación de servicio (fallo de segmentación) a través de un mensaje largo hacia cmd.cgi. • http://lists.opensuse.org/opensuse-updates/2014-04/msg00033.html http://secunia.com/advisories/57024 http://www.securityfocus.com/bid/65605 https://bugzilla.redhat.com/show_bug.cgi?id=1066578 https://dev.icinga.org/issues/5434 https://lists.debian.org/debian-lts-announce/2018/12/msg00014.html https://www.icinga.org/2014/02/11/bugfix-releases-1-10-3-1-9-5-1-8-6 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.4EPSS: 1%CPEs: 36EXPL: 0

Off-by-one error in the process_cgivars function in contrib/daemonchk.c in Nagios Core 3.5.1, 4.0.2, and earlier allows remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long string in the last key value in the variable list, which triggers a heap-based buffer over-read. Error de superación de límite (off-by-one) en la función process_cgivars en contrib/daemonchk.c en Nagios Core 3.5.1, 4.0.2 y anteriores, permite a usuarios autenticados remotamente obtener información sensible desde procesos de memoria o causar denegación de servicio (caída) a través de cadenas largas en el valor de la última clave en la lista de variables, lo cual lanza una sobre-lectura de buffer basada en memoria dinámica. • http://secunia.com/advisories/55976 http://sourceforge.net/p/nagios/nagioscore/ci/d97e03f32741a7d851826b03ed73ff4c9612a866 http://www.mandriva.com/security/advisories?name=MDVSA-2014:004 http://www.openwall.com/lists/oss-security/2013/12/24/1 http://www.securityfocus.com/bid/64489 https://lists.debian.org/debian-lts-announce/2018/12/msg00014.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •