Secunia Security Advisory 33320

Secunia Security Advisory 33320: Posted Dec 26, 2008; Authored by Secunia | Site secunia.com; Secunia Security Advisory - Ubuntu has issued an update for nagios2. This fixes some vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions or by malicious people to conduct cross-site request forgery attacks.; tags | advisory, vulnerability, csrf; systems | linux, ubuntu; SHA-256 | 0fcfe7c20c12854b6d100d717586636d7552e524c9262c705a53e061416c42ee; Download | Favorite | View

Secunia Security Advisory 33320

----------------------------------------------------------------------

Did you know that a change in our assessment rating, exploit code
availability, or if an updated patch is released by the vendor, is
not part of this mailing-list?

Click here to learn more:
http://secunia.com/advisories/business_solutions/

----------------------------------------------------------------------

TITLE:
Ubuntu update for nagios2

SECUNIA ADVISORY ID:
SA33320

VERIFY ADVISORY:
http://secunia.com/advisories/33320/

CRITICAL:
Less critical

IMPACT:
Security Bypass, Cross Site Scripting

WHERE:
>From remote

OPERATING SYSTEM:
Ubuntu Linux 8.04
http://secunia.com/advisories/product/18611/

DESCRIPTION:
Ubuntu has issued an update for nagios2. This fixes some
vulnerabilities, which can be exploited by malicious users to bypass
certain security restrictions or by malicious people to conduct
cross-site request forgery attacks.

For more information:
SA32543
SA32610

SOLUTION:
Apply updated packages and restart nagios.

-- Ubuntu 8.04 LTS --

Source archives:

http://security.ubuntu.com/ubuntu/pool/universe/n/nagios2/nagios2_2.11-1ubuntu1.4.diff.gz
Size/MD5: 37439 1e9c238bb21704f42d6275c31cf99108
http://security.ubuntu.com/ubuntu/pool/universe/n/nagios2/nagios2_2.11-1ubuntu1.4.dsc
Size/MD5: 1174 99b9d7ca524be867d538f8f39d52f0cf
http://security.ubuntu.com/ubuntu/pool/universe/n/nagios2/nagios2_2.11.orig.tar.gz
Size/MD5: 1741962 058c1f4829de748b42da1b584cccc941

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/universe/n/nagios2/nagios2-common_2.11-1ubuntu1.4_all.deb
Size/MD5: 61506 c4f5c96b1c8be0e58c362eb005efba9c
http://security.ubuntu.com/ubuntu/pool/universe/n/nagios2/nagios2-doc_2.11-1ubuntu1.4_all.deb
Size/MD5: 1135002 0515ced55e66978706203bdac4055b39

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/universe/n/nagios2/nagios2-dbg_2.11-1ubuntu1.4_amd64.deb
Size/MD5: 1640150 d23994c62750473a55138f10935318b6
http://security.ubuntu.com/ubuntu/pool/universe/n/nagios2/nagios2_2.11-1ubuntu1.4_amd64.deb
Size/MD5: 1106218 d2ca0e16009ae6738cae6efd29f243df

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/universe/n/nagios2/nagios2-dbg_2.11-1ubuntu1.4_i386.deb
Size/MD5: 1552138 4a165fc1202e3dcc4c7af4eeaa8f14cb
http://security.ubuntu.com/ubuntu/pool/universe/n/nagios2/nagios2_2.11-1ubuntu1.4_i386.deb
Size/MD5: 987174 73ba6b8faef90259a965ad3c2aee176e

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/universe/n/nagios2/nagios2-dbg_2.11-1ubuntu1.4_lpia.deb
Size/MD5: 1586750 161d8bbc1d2f8251aa0888c326152763
http://ports.ubuntu.com/pool/universe/n/nagios2/nagios2_2.11-1ubuntu1.4_lpia.deb
Size/MD5: 999124 984199f0814041fb1d3be332c78a1084

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/universe/n/nagios2/nagios2-dbg_2.11-1ubuntu1.4_powerpc.deb
Size/MD5: 1609376 fc3975c98bf065371fd8a0230d1007c5
http://ports.ubuntu.com/pool/universe/n/nagios2/nagios2_2.11-1ubuntu1.4_powerpc.deb
Size/MD5: 1109530 a5e36a48935587ccfc565376a5ea58fa

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/universe/n/nagios2/nagios2-dbg_2.11-1ubuntu1.4_sparc.deb
Size/MD5: 1448326 2fc971f58d9891abd1d2babe018742ef
http://ports.ubuntu.com/pool/universe/n/nagios2/nagios2_2.11-1ubuntu1.4_sparc.deb
Size/MD5: 989588 158c615af339c126f07fcc8b3e05480a

ORIGINAL ADVISORY:
USN-698-3:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2008-December/000815.html

OTHER REFERENCES:
SA32543:
http://secunia.com/advisories/32543/

SA32610:
http://secunia.com/advisories/32610/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Top Authors In Last 30 Days

Red Hat 251 files
indoushka 174 files
Jay Turla 150 files
Ubuntu 89 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Gentoo 25 files
Karn Ganeshen 23 files

File Archives

Systems

AIX (430)
Apple (2,115)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,126)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,592)
HPUX (881)
iOS (390)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,362)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,911)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,882)
UNIX (9,459)
UnixWare (188)
Windows (6,777)
Other

Secunia Security Advisory 33320

Secunia Security Advisory 33320

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Secunia Security Advisory 33320

Share This

Secunia Security Advisory 33320

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems