Summary
Detail | | | |
---|---|---|---|
Vendor | Nagios | First view | 2002-12-31 |
Product | Nagios | Last view | 2020-06-09 |
Version | | Type | |
Update | | | |
Edition | | | |
Language | | | |
Software Edition | | | |
Target Software | | | |
Target Hardware | | | |
Other | | | |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
CVSS | Date | Alert | Description |
---|---|---|---|
4.9 | 2020-06-09 | CVE-2020-13977 | Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files. NOTE: this vulnerability has been mistakenly associated with CVE-2020-1408. |
5.4 | 2020-03-16 | CVE-2020-6586 | Nagios Log Server 2.1.3 allows XSS by visiting /profile and entering a crafted name field that is mishandled on the /admin/users page. Any malicious user with limited access can store an XSS payload in his Name. When any admin views this, the XSS is triggered. |
8.8 | 2020-03-16 | CVE-2020-6585 | Nagios Log Server 2.1.3 has CSRF. |
6.5 | 2020-03-16 | CVE-2020-6584 | Nagios Log Server 2.1.3 has Incorrect Access Control. |
7 | 2020-02-28 | CVE-2019-3698 | UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause DoS or potentially escalate privileges by winning a race. This issue affects: SUSE Linux Enterprise Server 12 nagios version 3.5.1-5.27 and prior versions. SUSE Linux Enterprise Server 11 nagios version 3.0.6-1.25.36.3.1 and prior versions. openSUSE Factory nagios version 4.4.5-2.1 and prior versions. |
7.8 | 2018-08-01 | CVE-2016-8641 | A privilege escalation vulnerability was found in nagios 4.2.x that occurs in daemon-init.in when creating necessary files and insecurely changing the ownership afterwards. It's possible for the local attacker to create symbolic links before the files are to be created and possibly escalating the privileges with the ownership change. |
5.5 | 2018-07-12 | CVE-2018-13441 | qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. |
6.3 | 2017-08-23 | CVE-2017-12847 | Nagios Core before 4.3.3 creates a nagios.lock PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for nagios.lock modification before a root script executes a "kill `cat /pathname/nagios.lock`" command. |
9.8 | 2017-06-06 | CVE-2016-0726 | The Fedora Nagios package uses "nagiosadmin" as the default password for the "nagiosadmin" administrator account, which makes it easier for remote attackers to obtain access by leveraging knowledge of the credentials. |
6.1 | 2017-03-31 | CVE-2016-6209 | Cross-site scripting (XSS) vulnerability in Nagios. |
9.8 | 2017-03-31 | CVE-2014-5009 | Snoopy allows remote attackers to execute arbitrary commands. NOTE: this vulnerability exists due to an incomplete fix for CVE-2014-5008. |
9.8 | 2017-03-31 | CVE-2008-7313 | The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists due to an incomplete fix for CVE-2008-4796. |
7.8 | 2017-02-15 | CVE-2016-10089 | Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641. |
7.8 | 2016-12-15 | CVE-2016-9566 | base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged by remote attackers using CVE-2016-9565. |
9.8 | 2016-12-15 | CVE-2016-9565 | MagpieRSS, as used in the front-end component in Nagios Core before 4.2.2 might allow remote attackers to read or write to arbitrary files by spoofing a crafted response from the Nagios RSS feed server. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4796. |
2.1 | 2014-12-05 | CVE-2014-4703 | lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a symlink attack on the configuration file in the extra-opts flag. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4701. |
2.1 | 2014-12-05 | CVE-2014-4702 | The check_icmp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4701. |
2.1 | 2014-12-05 | CVE-2014-4701 | The check_dhcp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4702. |
5 | 2014-02-28 | CVE-2014-1878 | Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and earlier, and Icinga before 1.8.6, 1.9 before 1.9.5, and 1.10 before 1.10.3 allows remote attackers to cause a denial of service (segmentation fault) via a long message to cmd.cgi. |
4 | 2014-02-10 | CVE-2013-2214 | status.cgi in Nagios 4.0 before 4.0 beta4 and 3.x before 3.5.1 does not properly restrict access to certain users that are a contact for a service, which allows remote authenticated users to obtain sensitive information about hostnames via the servicegroup (1) overview, (2) summary, or (3) grid style in status.cgi. NOTE: this behavior is by design in most 3.x versions, but the upstream vendor "decided to change it for Nagios 4" and 3.5.1. |
6.4 | 2014-01-15 | CVE-2013-7205 | Off-by-one error in the process_cgivars function in contrib/daemonchk.c in Nagios Core 3.5.1, 4.0.2, and earlier allows remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long string in the last key value in the variable list, which triggers a heap-based buffer over-read. |
5.5 | 2014-01-15 | CVE-2013-7108 | Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, and Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long string in the last key value in the variable list to the process_cgivars function in (1) avail.c, (2) cmd.c, (3) config.c, (4) extinfo.c, (5) histogram.c, (6) notifications.c, (7) outages.c, (8) status.c, (9) statusmap.c, (10) summary.c, and (11) trends.c in cgi/, which triggers a heap-based buffer over-read. |
6.3 | 2013-11-23 | CVE-2013-4214 | rss-newsfeed.php in Nagios Core 3.4.4, 3.5.1, and earlier, when MAGPIE_CACHE_ON is set to 1, allows local users to overwrite arbitrary files via a symlink attack on /tmp/magpie_cache. |
7.5 | 2013-01-22 | CVE-2012-6096 | Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core before 3.4.4, and Icinga 1.6.x before 1.6.2, 1.7.x before 1.7.4, and 1.8.x before 1.8.4, might allow remote attackers to execute arbitrary code via a long (1) host_name variable (host parameter) or (2) svc_description variable. |
4.3 | 2011-06-14 | CVE-2011-2179 | Multiple cross-site scripting (XSS) vulnerabilities in config.c in config.cgi in (1) Nagios 3.2.3 and (2) Icinga before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the expand parameter, as demonstrated by an (a) command action or a (b) hosts action. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
20% (7) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
14% (5) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
11% (4) | CWE-264 | Permissions, Privileges, and Access Controls |
8% (3) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
5% (2) | CWE-352 | Cross-Site Request Forgery (CSRF) |
5% (2) | CWE-200 | Information Exposure |
5% (2) | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('O... |
5% (2) | CWE-77 | Improper Sanitization of Special Elements used in a Command ('Comma... |
2% (1) | CWE-798 | Use of Hard-coded Credentials |
2% (1) | CWE-665 | Improper Initialization |
2% (1) | CWE-476 | NULL Pointer Dereference |
2% (1) | CWE-284 | Access Control (Authorization) Issues |
2% (1) | CWE-269 | Improper Privilege Management |
2% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
2% (1) | CWE-20 | Improper Input Validation |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-1 | Accessing Functionality Not Properly Constrained by ACLs |
CAPEC-6 | Argument Injection |
CAPEC-13 | Subverting Environment Variable Values |
CAPEC-15 | Command Delimiters |
CAPEC-17 | Accessing, Modifying or Executing Executable Files |
CAPEC-39 | Manipulating Opaque Client-based Data Tokens |
CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
CAPEC-45 | Buffer Overflow via Symbolic Links |
CAPEC-51 | Poison Web Service Registry |
CAPEC-59 | Session Credential Falsification through Prediction |
CAPEC-60 | Reusing Session IDs (aka Session Replay) |
CAPEC-76 | Manipulating Input to File System Calls |
CAPEC-77 | Manipulating User-Controlled Variables |
CAPEC-87 | Forceful Browsing |
CAPEC-88 | OS Command Injection |
CAPEC-104 | Cross Zone Scripting |
CAPEC-108 | Command Line Execution through SQL Injection |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:7884 | DSA-1883 nagios2 -- missing input sanitising |
oval:org.mitre.oval:def:13703 | DSA-1883-1 nagios2 -- missing input sanitising |
oval:org.mitre.oval:def:13118 | DSA-1883-2 nagios2 -- missing input sanitising |
oval:org.mitre.oval:def:21043 | USN-698-1 -- nagios vulnerability |
oval:org.mitre.oval:def:20718 | USN-698-3 -- nagios2 vulnerabilities |
oval:org.mitre.oval:def:20295 | USN-698-2 -- nagios3 vulnerabilities |
oval:org.mitre.oval:def:8200 | DSA-1825 nagios2, nagios3 -- insufficient input validation |
oval:org.mitre.oval:def:13626 | USN-795-1 -- nagios2, nagios3 vulnerability |
oval:org.mitre.oval:def:13385 | DSA-1825-1 nagios2, nagios3 -- insufficient input validation |
oval:org.mitre.oval:def:13472 | USN-1151-1 -- nagios3 vulnerabilities |
oval:org.mitre.oval:def:19990 | DSA-2616-1 nagios3 - buffer overflow vulnerability |
oval:org.mitre.oval:def:18427 | DSA-2653-1 icinga - buffer overflow |
oval:org.mitre.oval:def:26016 | SUSE-SU-2013:0358-1 -- Security update for nagios |
oval:org.mitre.oval:def:25577 | SUSE-SU-2014:0156-1 -- Security update for nagios |
oval:org.mitre.oval:def:25305 | SUSE-SU-2014:0570-1 -- Security update for nagios |
oval:org.mitre.oval:def:28403 | SUSE-SU-2014:1352-1 -- Security update for nagios-plugins (low) |
SAINT Exploits
Description |
---|
Nagios 3 history.cgi Command Injection |
Nagios statuswml.cgi Command Injection |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
74122 | Nagios config.cgi expand Parameter XSS |
72730 | Icinga cgi-bin/config.cgi expand Parameter XSS |
71059 | Nagios cgi-bin/statusmap.cgi layer Parameter XSS |
59585 | Nagios Plugin Output Shell Metacharacter Arbitrary Command Execution |
55281 | Nagios statuswml.cgi Multiple Parameter Arbitrary Remote Shell Command Execution |
50457 | Nagios Unspecified CGI Issue |
50242 | op5 Nagios Process Browser Addon Remote Authentication Bypass |
50241 | op5 Nagios Process Custom Form Remote Authentication Bypass |
50240 | Nagios Nagios Process Browser Addon Remote Authentication Bypass |
50239 | Nagios Nagios Process Custom Form Remote Authentication Bypass |
49994 | op5 Monitor Unspecified CSRF |
49991 | Nagios Unspecified CSRF |
49261 | Snoopy _httpsrequest() Function Arbitrary Shell Command Injection |
45359 | Nagios Unspecified CGI XSS |
42951 | Nagios Unspecified XSS |
38071 | Nagios CGI Script Unspecified Parameter XSS |
25543 | Nagios Content-Length HTTP Header Integer Overflow |
25434 | Nagios Negative Content-Length HTTP Header Overflow |
ExploitDB Exploits
id | Description |
---|---|
24084 | Nagios history.cgi Remote Command Execution Vulnerability |
OpenVAS Exploits
Date | Description |
---|---|
2012-04-02 | Name : Fedora Update for nagios FEDORA-2012-1592 File : nvt/gb_fedora_2012_1592_nagios_fc16.nasl |
2012-02-21 | Name : Fedora Update for nagios FEDORA-2012-1583 File : nvt/gb_fedora_2012_1583_nagios_fc15.nasl |
2011-06-20 | Name : Ubuntu Update for nagios3 USN-1151-1 File : nvt/gb_ubuntu_USN_1151_1.nasl |
2011-06-07 | Name : Icinga 'expand' Parameter Cross-Site Scripting Vulnerability File : nvt/gb_icinga_expand_parameter_xss_vuln.nasl |
2011-06-07 | Name : Nagios 'expand' Parameter Cross-Site Scripting Vulnerability File : nvt/gb_nagios_expand_parameter_xss_vuln.nasl |
2011-03-16 | Name : Nagios 'layer' Cross-Site Scripting Vulnerability File : nvt/gb_nagios_layer_xss_vuln.nasl |
2011-03-11 | Name : Nagios 'layer' Parameter Cross-Site Scripting Vulnerabilities File : nvt/gb_nagios_46826.nasl |
2009-12-14 | Name : Fedora Core 10 FEDORA-2009-13040 (moodle) File : nvt/fcore_2009_13040.nasl |
2009-10-13 | Name : SLES10: Security update for nagios File : nvt/sles10_nagios0.nasl |
2009-10-13 | Name : SLES10: Security update for nagios File : nvt/sles10_nagios.nasl |
2009-10-11 | Name : SLES11: Security update for nagios File : nvt/sles11_nagios.nasl |
2009-09-15 | Name : Debian Security Advisory DSA 1883-1 (nagios2) File : nvt/deb_1883_1.nasl |
2009-09-15 | Name : Debian Security Advisory DSA 1883-2 (nagios2) File : nvt/deb_1883_2.nasl |
2009-09-02 | Name : Debian Security Advisory DSA 1871-1 (wordpress) File : nvt/deb_1871_1.nasl |
2009-09-02 | Name : Debian Security Advisory DSA 1871-2 (wordpress) File : nvt/deb_1871_2.nasl |
2009-08-17 | Name : SuSE Security Summary SUSE-SR:2009:013 File : nvt/suse_sr_2009_013.nasl |
2009-08-17 | Name : Mandrake Security Advisory MDVSA-2009:187 (nagios) File : nvt/mdksa_2009_187.nasl |
2009-07-29 | Name : Gentoo Security Advisory GLSA 200907-15 (nagios-core) File : nvt/glsa_200907_15.nasl |
2009-07-08 | Name : Nagios 'statuswml.cgi' Remote Arbitrary Shell Command Injection Vulnerability File : nvt/nagios_35464.nasl |
2009-07-06 | Name : Ubuntu USN-795-1 (nagios3) File : nvt/ubuntu_795_1.nasl |
2009-07-06 | Name : Debian Security Advisory DSA 1825-1 (nagios2, nagios3) File : nvt/deb_1825_1.nasl |
2009-07-06 | Name : FreeBSD Ports: nagios File : nvt/freebsd_nagios1.nasl |
2009-06-30 | Name : Ubuntu USN-791-1 (moodle) File : nvt/ubuntu_791_1.nasl |
2009-06-05 | Name : Ubuntu USN-723-1 (git-core) File : nvt/ubuntu_723_1.nasl |
2009-06-05 | Name : Ubuntu USN-698-3 (nagios2) File : nvt/ubuntu_698_3.nasl |
Snort® IPS/IDS
Date | Description |
---|---|
2017-04-12 | Nagios Core privilege escalation attempt RuleID : 41824 - Type : SERVER-OTHER - Revision : 2 |
2017-04-12 | Nagios Core privilege escalation attempt RuleID : 41823 - Type : SERVER-OTHER - Revision : 3 |
2014-02-15 | Nagios process_cgivars off-by-one memory access denial of service attempt RuleID : 29375 - Type : SERVER-WEBAPP - Revision : 3 |
2014-02-15 | Nagios process_cgivars off-by-one memory access denial of service attempt RuleID : 29374 - Type : SERVER-WEBAPP - Revision : 3 |
2014-02-08 | Nagios3 statuswml.cgi remote command execution attempt RuleID : 29267 - Type : SERVER-WEBAPP - Revision : 3 |
2014-01-10 | Nagios3 statuswml.cgi remote command execution attempt RuleID : 26274 - Type : SERVER-WEBAPP - Revision : 5 |
2014-01-10 | Nagios Core get_history buffer overflow attempt RuleID : 25586 - Type : SERVER-WEBAPP - Revision : 8 |
2014-01-10 | HTTP request with negative Content-Length attempt RuleID : 2278-community - Type : SERVER-WEBAPP - Revision : 34 |
2014-01-10 | HTTP request with negative Content-Length attempt RuleID : 2278 - Type : SERVER-WEBAPP - Revision : 33 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2018-12-27 | Name: The remote Debian host is missing a security update. File: debian_DLA-1615.nasl - Type: ACT_GATHER_INFO |
2018-01-15 | Name: The remote Fedora host is missing a security update. File: fedora_2017-d270e932a3.nasl - Type: ACT_GATHER_INFO |
2017-10-18 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201710-20.nasl - Type: ACT_GATHER_INFO |
2017-10-04 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2017-899.nasl - Type: ACT_GATHER_INFO |
2017-06-08 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-3253-2.nasl - Type: ACT_GATHER_INFO |
2017-04-04 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-3253-1.nasl - Type: ACT_GATHER_INFO |
2017-02-21 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201702-26.nasl - Type: ACT_GATHER_INFO |
2017-02-08 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-0259.nasl - Type: ACT_GATHER_INFO |
2017-02-08 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-0258.nasl - Type: ACT_GATHER_INFO |
2017-01-17 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2017-100.nasl - Type: ACT_GATHER_INFO |
2017-01-03 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201612-51.nasl - Type: ACT_GATHER_INFO |
2016-12-20 | Name: The remote Debian host is missing a security update. File: debian_DLA-751.nasl - Type: ACT_GATHER_INFO |
2016-05-09 | Name: The remote Debian host is missing a security update. File: debian_DLA-461.nasl - Type: ACT_GATHER_INFO |
2015-12-01 | Name: The remote Debian host is missing a security update. File: debian_DLA-357.nasl - Type: ACT_GATHER_INFO |
2015-08-18 | Name: The remote Fedora host is missing a security update. File: fedora_2015-12972.nasl - Type: ACT_GATHER_INFO |
2015-08-18 | Name: The remote Fedora host is missing a security update. File: fedora_2015-12853.nasl - Type: ACT_GATHER_INFO |
2015-08-18 | Name: The remote Fedora host is missing a security update. File: fedora_2015-12987.nasl - Type: ACT_GATHER_INFO |
2015-03-26 | Name: The remote Debian host is missing a security update. File: debian_DLA-60.nasl - Type: ACT_GATHER_INFO |
2014-12-15 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201412-23.nasl - Type: ACT_GATHER_INFO |
2014-11-04 | Name: The remote SuSE 11 host is missing one or more security updates. File: suse_11_nagios-plugins-141002.nasl - Type: ACT_GATHER_INFO |
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2013-41.nasl - Type: ACT_GATHER_INFO |
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2013-45.nasl - Type: ACT_GATHER_INFO |
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2013-54.nasl - Type: ACT_GATHER_INFO |
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2013-563.nasl - Type: ACT_GATHER_INFO |