Summary
The remote host is missing an update to the system as announced in the referenced advisory.
Solution
Update your system with the appropriate patches or software upgrades.
http://secunia.com/advisories/33320
http://www.ubuntu.com/usn/USN-698-1
http://www.nagios.org/development/history/nagios-3x.php http://www.vuxml.org/freebsd/d4a358d3-e09a-11dd-a765-0030843d3802.html
Insight
The following packages are affected:
nagios
nagios2
CVE-2008-5027
The Nagios process in (1) Nagios before 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote authenticated users to bypass authorization checks, and trigger execution of arbitrary programs by this process, via an (a) custom form or a (b) browser addon.
Severity
Classification
-
CVE CVE-2008-5027 -
CVSS Base Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P
Related Vulnerabilities