CVE-2011-1523

Related Files

Mandriva Linux Security Advisory 2012-049

Posted Apr 3, 2012

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-049 - Cross-site scripting vulnerability in statusmap.c in statusmap.cgi in Nagios 3.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the layer parameter. The updated packages have been patched to correct this issue.

tags | advisory, remote, web, arbitrary, cgi, xss

systems | linux, mandriva

advisories | CVE-2011-1523

SHA-256 | f89dda035b10b7cb0cea37643164ca192f767b587a8cd37c87951f667973bff8

Download | Favorite | View

Ubuntu Security Notice USN-1151-1

Posted Jun 16, 2011

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1151-1 - Stefan Schurtz discovered than Nagios did not properly sanitize its input when processing certain requests, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.

tags | advisory, remote, vulnerability, xss

systems | linux, ubuntu

advisories | CVE-2011-1523, CVE-2011-2179

SHA-256 | dbddcfca89b20def2a2289fede61c28c8b2da56d5deb5a9dbc9249b874d0c56f

Download | Favorite | View