Published: 17/03/2008 Updated: 08/08/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in Nagios prior to 2.11 allows remote malicious users to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts, a different issue than CVE-2007-5624.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nagios nagios 2.3
nagios nagios 2.3.1
nagios nagios 2.9
nagios nagios 2.7
nagios nagios 2.8
nagios nagios 2.10
nagios nagios 2.2

Debian Bug report logs - #482445 nagios2: CVE-2007-5803 cross-site scripting vulnerabilities Package: nagios2; Maintainer for nagios2 is (unknown); Reported by: Nico Golde <nion@debianorg> Date: Thu, 22 May 2008 20:09:01 UTC Severity: important Tags: patch, security Fixed in version nagios2/26-2+etch4 Done: Giuseppe Iu ...

Several vulnerabilities have been found in nagios2, a host/service/network monitoring and management system The Common Vulnerabilities and Exposures project identifies the following problems: Several cross-site scripting issues via several parameters were discovered in the CGI scripts, allowing attackers to inject arbitrary HTML code In order to ...

CWE-79 http://www.nagios.org/development/changelog.php#2x_branch http://www.securityfocus.com/bid/28250 http://secunia.com/advisories/29363 http://www.mandriva.com/security/advisories?name=MDVSA-2008:067 http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html http://www.vupen.com/english/advisories/2008/0900/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41210 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482445 https://nvd.nist.gov https://www.debian.org/security/./dsa-1883

CVE-2008-1360

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect