|
|
Nagios 'statuswml.cgi' Remote Arbitrary Shell Command Injection Vulnerability
|
Bugtraq ID:
|
35464
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
CVE-2009-2288
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Jun 22 2009 12:00AM
|
|
Updated:
|
Aug 31 2009 06:42PM
|
|
Credit:
|
Paul
|
|
Vulnerable:
|
Ubuntu Ubuntu Linux 9.04 sparc
Ubuntu Ubuntu Linux 9.04 powerpc
Ubuntu Ubuntu Linux 9.04 lpia
Ubuntu Ubuntu Linux 9.04 i386
Ubuntu Ubuntu Linux 9.04 amd64
Ubuntu Ubuntu Linux 8.10 sparc
Ubuntu Ubuntu Linux 8.10 powerpc
Ubuntu Ubuntu Linux 8.10 lpia
Ubuntu Ubuntu Linux 8.10 i386
Ubuntu Ubuntu Linux 8.10 amd64
Ubuntu Ubuntu Linux 8.04 LTS sparc
Ubuntu Ubuntu Linux 8.04 LTS powerpc
Ubuntu Ubuntu Linux 8.04 LTS lpia
Ubuntu Ubuntu Linux 8.04 LTS i386
Ubuntu Ubuntu Linux 8.04 LTS amd64
S.u.S.E. SLE 11
S.u.S.E. SLE 10
S.u.S.E. openSUSE 11.1
S.u.S.E. openSUSE 11.0
S.u.S.E. openSUSE 10.3
RedHat HPC Solution EL5 5
RedHat Fedora 11
Nagios Nagios 3.0.6
Nagios Nagios 3.0.5
Nagios Nagios 3.0.4
Nagios Nagios 2.9
Nagios Nagios 2.8
Nagios Nagios 2.7
Nagios Nagios 2.12
Nagios Nagios 2.11
Nagios Nagios 2.10
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 4.0
Gentoo Linux
Debian Linux 5.0 sparc
Debian Linux 5.0 s/390
Debian Linux 5.0 powerpc
Debian Linux 5.0 mipsel
Debian Linux 5.0 mips
Debian Linux 5.0 m68k
Debian Linux 5.0 ia-64
Debian Linux 5.0 ia-32
Debian Linux 5.0 hppa
Debian Linux 5.0 armel
Debian Linux 5.0 arm
Debian Linux 5.0 amd64
Debian Linux 5.0 alpha
Debian Linux 5.0
|
|
|
|
Not Vulnerable:
|
Nagios Nagios 3.1.1
|
|
|
