9.8
CVSSv3

CVE-2014-5009

Published: 31/03/2017 Updated: 29/08/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Snoopy allows remote malicious users to execute arbitrary commands. NOTE: this vulnerability exists due to an incomplete fix for CVE-2014-5008.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

snoopy snoopy -

redhat openstack 5.0

redhat openstack 6.0

nagios nagios

Vendor Advisories

Synopsis Important: nagios security update Type/Severity Security Advisory: Important Topic An update for nagios is now available for Red Hat Enterprise Linux OpenStack Platform 50 (Icehouse) for RHEL 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulner ...
Synopsis Important: nagios security update Type/Severity Security Advisory: Important Topic An update for nagios is now available for Red Hat Enterprise Linux OpenStack Platform 70 (Kilo) for RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabil ...
Synopsis Important: nagios security update Type/Severity Security Advisory: Important Topic An update for nagios is now available for Red Hat Enterprise Linux OpenStack Platform 50 (Icehouse) for RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulner ...
Synopsis Important: nagios security update Type/Severity Security Advisory: Important Topic An update for nagios is now available for Red Hat Enterprise Linux OpenStack Platform 60 (Juno) for RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabil ...
Various command-execution flaws were found in the Snoopy library included with Nagios These flaws allowed remote attackers to execute arbitrary commands by manipulating Nagios HTTP headers ...
Multiple off-by-one errors in Nagios Core 351, 402, and earlier, and Icinga before 185, 19 before 194, and 110 before 1102 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long string in the last key value in the variable list to the process_cgivars function ...