ALAS-2012-050

Related Vulnerabilities: CVE-2011-2179  

Amazon Linux AMI Security Advisory: ALAS-2012-50
Advisory Release Date: 2012-03-04 16:10 Pacific
Advisory Updated Date: 2014-09-14 15:36 Pacific
Severity: Medium
References: CVE-2011-2179 

Issue Overview:

Multiple cross-site scripting (XSS) vulnerabilities in config.c in config.cgi in (1) Nagios 3.2.3 and (2) Icinga before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the expand parameter, as demonstrated by an (a) command action or a (b) hosts action.


Affected Packages:

nagios


Issue Correction:
Run yum update nagios to update your system.

New Packages:
i686:
    nagios-debuginfo-3.3.1-3.4.amzn1.i686
    nagios-3.3.1-3.4.amzn1.i686
    nagios-devel-3.3.1-3.4.amzn1.i686
    nagios-common-3.3.1-3.4.amzn1.i686

src:
    nagios-3.3.1-3.4.amzn1.src

x86_64:
    nagios-common-3.3.1-3.4.amzn1.x86_64
    nagios-devel-3.3.1-3.4.amzn1.x86_64
    nagios-3.3.1-3.4.amzn1.x86_64
    nagios-debuginfo-3.3.1-3.4.amzn1.x86_64