[Bug 238516] [NEW] XSS issues in Nagios CGI (CVE-2007-5803)
Thierry Carrez
thierry.carrez at canonical.com
Mon Jun 9 11:02:15 BST 2008
*** This bug is a security vulnerability ***
Public security bug reported:
Binary package hint: nagios2
Multiple cross-site scripting (XSS) vulnerabilities in CGI programs in
Nagios before 2.12 might allow remote attackers to inject arbitrary web
script or HTML via unspecified vectors, a different issue than
CVE-2007-5624 and CVE-2008-1360.
Note that this also affects nagios3 (before 3.0.2).
I'm working on a patch.
** Affects: nagios2 (Ubuntu)
Importance: Undecided
Status: New
** Affects: nagios3 (Ubuntu)
Importance: Undecided
Status: New
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-5803
** Visibility changed to: Public
** Also affects: nagios3 (Ubuntu)
Importance: Undecided
Status: New
--
XSS issues in Nagios CGI (CVE-2007-5803)
https://bugs.launchpad.net/bugs/238516
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nagios2 in ubuntu.
More information about the Ubuntu-server-bugs
mailing list