BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Nagios Core < 4.2.2 Curl Command Injection leading to Remote Code Execution [CVE-2016-9565] Dec 15 2016 09:14AM
Dawid Golunski (dawid legalhackers com)
Vulnerability:
Nagios Core < 4.2.2 Curl Command Injection leading to Remote Code Execution

CVE-2016-9565

Discovered by: Dawid Golunski (@dawid_golunski)
https://legalhackers.com

Severity: High

Nagios Core comes with a PHP/CGI front-end which allows to view status
of the monitored hosts.
This fr...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus