This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:nagios:nagios:2.3.1
Detail
VendorNagiosFirst view 2008-03-17
ProductNagiosLast view 2011-05-03
Version2.3.1TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:nagios:nagios

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
4.32011-05-03CVE-2011-1523NetworkMediumNone Requ...
52009-03-02CVE-2008-6373NetworkLowNone Requ...
6.82008-11-10CVE-2008-5028NetworkMediumNone Requ...
6.52008-11-10CVE-2008-5027NetworkLowRequires ...
4.32008-05-13CVE-2007-5803NetworkMediumNone Requ...
Hide | Show 1 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32008-03-17CVE-2008-1360NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
50% (3)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
16% (1)CWE-352Cross-Site Request Forgery (CSRF)
16% (1)CWE-264Permissions, Privileges, and Access Controls
16% (1)CWE-94Failure to Control Generation of Code ('Code Injection')

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-1Accessing Functionality Not Properly Constrained by ACLs
CAPEC-13Subverting Environment Variable Values
CAPEC-17Accessing, Modifying or Executing Executable Files
CAPEC-39Manipulating Opaque Client-based Data Tokens
CAPEC-45Buffer Overflow via Symbolic Links
Hide | Show 7 More...
idName
CAPEC-51Poison Web Service Registry
CAPEC-59Session Credential Falsification through Prediction
CAPEC-60Reusing Session IDs (aka Session Replay)
CAPEC-76Manipulating Input to File System Calls
CAPEC-77Manipulating User-Controlled Variables
CAPEC-87Forceful Browsing
CAPEC-104Cross Zone Scripting

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:7884DSA-1883 nagios2 -- missing input sanitising
oval:org.mitre.oval:def:13703DSA-1883-1 nagios2 -- missing input sanitising
oval:org.mitre.oval:def:13118DSA-1883-2 nagios2 -- missing input sanitising
oval:org.mitre.oval:def:21043USN-698-1 -- nagios vulnerability
oval:org.mitre.oval:def:20718USN-698-3 -- nagios2 vulnerabilities
Hide | Show 1 More...
idName
oval:org.mitre.oval:def:20295USN-698-2 -- nagios3 vulnerabilities

Open Source Vulnerability Database (OSVDB)

idDescription
71059Nagios cgi-bin/statusmap.cgi layer Parameter XSS
50457Nagios Unspecified CGI Issue
50242op5 Nagios Process Browser Addon Remote Authentication Bypass
50241op5 Nagios Process Custom Form Remote Authentication Bypass
50240Nagios Nagios Process Browser Addon Remote Authentication Bypass
Hide | Show 5 More...
idDescription
50239Nagios Nagios Process Custom Form Remote Authentication Bypass
49994op5 Monitor Unspecified CSRF
49991Nagios Unspecified CSRF
45359Nagios Unspecified CGI XSS
42951Nagios Unspecified XSS

OpenVAS Exploits

idDescription
2012-04-02Name : Fedora Update for nagios FEDORA-2012-1592
File : nvt/gb_fedora_2012_1592_nagios_fc16.nasl
2012-02-21Name : Fedora Update for nagios FEDORA-2012-1583
File : nvt/gb_fedora_2012_1583_nagios_fc15.nasl
2011-06-20Name : Ubuntu Update for nagios3 USN-1151-1
File : nvt/gb_ubuntu_USN_1151_1.nasl
2011-03-16Name : Nagios 'layer' Cross-Site Scripting Vulnerability
File : nvt/gb_nagios_layer_xss_vuln.nasl
2011-03-11Name : Nagios 'layer' Parameter Cross-Site Scripting Vulnerabilities
File : nvt/gb_nagios_46826.nasl
Hide | Show 19 More...
idDescription
2009-10-13Name : SLES10: Security update for nagios
File : nvt/sles10_nagios0.nasl
2009-09-15Name : Debian Security Advisory DSA 1883-1 (nagios2)
File : nvt/deb_1883_1.nasl
2009-09-15Name : Debian Security Advisory DSA 1883-2 (nagios2)
File : nvt/deb_1883_2.nasl
2009-07-29Name : Gentoo Security Advisory GLSA 200907-15 (nagios-core)
File : nvt/glsa_200907_15.nasl
2009-06-05Name : Ubuntu USN-698-1 (nagios)
File : nvt/ubuntu_698_1.nasl
2009-06-05Name : Ubuntu USN-698-3 (nagios2)
File : nvt/ubuntu_698_3.nasl
2009-06-05Name : Ubuntu USN-723-1 (git-core)
File : nvt/ubuntu_723_1.nasl
2009-05-06Name : Nagios Web Interface Privilege Escalation Vulnerability
File : nvt/nagios_cve_2008_5027.nasl
2009-05-06Name : Nagios External Commands and Adaptive Commands Unspecified Vulnerability
File : nvt/nagios_cve_2008_6373.nasl
2009-03-23Name : Ubuntu Update for nagios vulnerability USN-698-1
File : nvt/gb_ubuntu_USN_698_1.nasl
2009-03-23Name : Ubuntu Update for nagios2 vulnerabilities USN-698-3
File : nvt/gb_ubuntu_USN_698_3.nasl
2009-03-02Name : Mandrake Security Advisory MDVSA-2009:054 (nagios)
File : nvt/mdksa_2009_054.nasl
2009-02-16Name : Fedora Update for nagios FEDORA-2008-10323
File : nvt/gb_fedora_2008_10323_nagios_fc10.nasl
2009-01-13Name : FreeBSD Ports: nagios
File : nvt/freebsd_nagios0.nasl
2008-12-29Name : Ubuntu USN-697-1 (imlib2)
File : nvt/ubuntu_697_1.nasl
2008-12-29Name : Ubuntu USN-698-2 (nagios3)
File : nvt/ubuntu_698_2.nasl
2008-12-29Name : Ubuntu USN-699-1 (blender)
File : nvt/ubuntu_699_1.nasl
2008-11-27Name : Nagios Cross-site Request Forgery (CSRF) and Authentication Bypass Vulnerability
File : nvt/gb_nagios_csrf_n_auth_bypass_vuln.nasl
2008-09-04Name : FreeBSD Ports: nagios
File : nvt/freebsd_nagios.nasl

Nessus® Vulnerability Scanner

idDescription
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_nagios-110706.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_nagios-110706.nasl - Type : ACT_GATHER_INFO
2011-12-13Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_nagios-7625.nasl - Type : ACT_GATHER_INFO
2011-07-26Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_nagios-7624.nasl - Type : ACT_GATHER_INFO
2011-07-12Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_nagios-110706.nasl - Type : ACT_GATHER_INFO
Hide | Show 13 More...
idDescription
2011-06-16Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1151-1.nasl - Type : ACT_GATHER_INFO
2010-02-24Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1883.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote openSUSE host is missing a security update.
File : suse_11_1_nagios-090217.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote openSUSE host is missing a security update.
File : suse_11_0_nagios-090217.nasl - Type : ACT_GATHER_INFO
2009-07-20Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200907-15.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Fedora host is missing a security update.
File : fedora_2008-10323.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-698-1.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-698-2.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-698-3.nasl - Type : ACT_GATHER_INFO
2009-01-12Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_d4a358d3e09a11dda7650030843d3802.nasl - Type : ACT_GATHER_INFO
2008-05-29Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_fbd7aa812cc111dd8cfb00e0815b8da8.nasl - Type : ACT_GATHER_INFO
2008-05-01Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_nagios-5165.nasl - Type : ACT_GATHER_INFO
2008-05-01Name : The remote openSUSE host is missing a security update.
File : suse_nagios-5168.nasl - Type : ACT_GATHER_INFO