Exploit the possiblities
Showing 1 - 9 of 9 RSS Feed

CVE-2016-9565

Status Candidate

Overview

MagpieRSS, as used in the front-end component in Nagios Core before 4.2.2 might allow remote attackers to read or write to arbitrary files by spoofing a crafted response from the Nagios RSS feed server. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4796.

Related Files

Gentoo Linux Security Advisory 201710-20
Posted Oct 17, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-20 - Multiple vulnerabilities have been found in Nagios, the worst of which could lead to the remote execution of arbitrary code. Versions prior to 4.3.3 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-9565, CVE-2016-9566, CVE-2017-12847
MD5 | 2b1de88a25ee74ea0964d51d9c494380
Gentoo Linux Security Advisory 201702-26
Posted Feb 21, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201702-26 - Multiple vulnerabilities have been found in Nagios, the worst of which could lead to privilege escalation. Versions less than 4.2.4 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2008-4796, CVE-2008-7313, CVE-2016-8641, CVE-2016-9565, CVE-2016-9566
MD5 | cac6ee6344b504bc9cf533c5844cd853
Red Hat Security Advisory 2017-0259-01
Posted Feb 8, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0259-01 - Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Security Fix: It was found that an attacker who could control the content of an RSS feed could execute code remotely using the Nagios web interface. This flaw could be used to gain access to the remote system and in some scenarios control over the system.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2016-9565, CVE-2016-9566
MD5 | f68c3e3df95bbd0e1b3601f6e3a9a4fd
Red Hat Security Advisory 2017-0258-01
Posted Feb 8, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0258-01 - Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Security Fix: It was found that an attacker who could control the content of an RSS feed could execute code remotely using the Nagios web interface. This flaw could be used to gain access to the remote system and in some scenarios control over the system.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2016-9565, CVE-2016-9566
MD5 | 7d3a76f28c2fd222c5d98ff75fca22bc
Red Hat Security Advisory 2017-0214-01
Posted Jan 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0214-01 - Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Nagios is written in C and designed to run under Linux as a background process, intermittently running checks on various services that you specify. The actual service checks are performed by separate "plugin" programs which return the status of the checks to Nagios. Nagios plugins are available at http://sourceforge.net/projects/nagiosplug. This package provides the core program, web interface, and documentation files for Nagios. Development files are built as a separate package.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2008-7313, CVE-2014-5008, CVE-2014-5009, CVE-2016-9565, CVE-2016-9566
MD5 | 177badea5657017f0302647f63bd8e6f
Red Hat Security Advisory 2017-0212-01
Posted Jan 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0212-01 - Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Nagios is written in C and designed to run under Linux as a background process, intermittently running checks on various services that you specify. The actual service checks are performed by separate "plugin" programs which return the status of the checks to Nagios. Nagios plugins are available at http://sourceforge.net/projects/nagiosplug. This package provides the core program, web interface, and documentation files for Nagios. Development files are built as a separate package.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2008-7313, CVE-2014-5008, CVE-2014-5009, CVE-2016-9565, CVE-2016-9566
MD5 | 2e2fbf36e6aaba8787ffe2c8ba135436
Red Hat Security Advisory 2017-0211-01
Posted Jan 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0211-01 - Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Nagios is written in C and designed to run under Linux as a background process, intermittently running checks on various services that you specify. The actual service checks are performed by separate "plugin" programs which return the status of the checks to Nagios. Nagios plugins are available at http://sourceforge.net/projects/nagiosplug. This package provides the core program, web interface, and documentation files for Nagios. Development files are built as a separate package.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2008-7313, CVE-2014-5008, CVE-2014-5009, CVE-2016-9565, CVE-2016-9566
MD5 | abccc720066783d21a2eed2a19de132d
Red Hat Security Advisory 2017-0213-01
Posted Jan 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0213-01 - Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Nagios is written in C and designed to run under Linux as a background process, intermittently running checks on various services that you specify. The actual service checks are performed by separate "plugin" programs which return the status of the checks to Nagios. Nagios plugins are available at http://sourceforge.net/projects/nagiosplug. This package provides the core program, web interface, and documentation files for Nagios. Development files are built as a separate package.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2008-7313, CVE-2014-5008, CVE-2014-5009, CVE-2016-9565, CVE-2016-9566
MD5 | a1a4fc031e5897f6fc74ab4c9914886f
Nagios Core Curl Command Injection / Code Execution
Posted Dec 15, 2016
Authored by Dawid Golunski

Nagios Core versions prior to 4.2.2 suffer from a curl command injection vulnerability that can lead to remote code execution.

tags | exploit, remote, code execution
advisories | CVE-2016-9565
MD5 | 6dc98bfd8857fb90408586ac4fad6fd0
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close