GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Sun Dec 14, 2014 3:26 am Post subject: [ GLSA 201412-23 ] Nagios: Multiple vulnerabilities |
 |
|
Gentoo Linux Security Advisory
Title: Nagios: Multiple vulnerabilities (GLSA 201412-23)
Severity: normal
Exploitable: remote
Date: December 13, 2014
Bug(s): #447802, #495132, #501200
ID: 201412-23
Synopsis
Multiple vulnerabilities have been found in Nagios, the worst of
which may allow remote code execution.
Background
Nagios is an open source host, service and network monitoring program.
Affected Packages
Package: net-analyzer/nagios-core
Vulnerable: < 3.5.1
Unaffected: >= 3.5.1
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in Nagios. Please review
the CVE identifiers referenced below for details.
Impact
A remote attacker may be able to execute arbitrary code, cause a Denial
of Service condition, or obtain sensitive information.
Workaround
There is no known workaround at this time.
Resolution
All Nagios users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/nagios-core-3.5.1"
|
References
CVE-2012-6096
CVE-2013-7108
CVE-2013-7205 |
|
News & Announcements
