Summary
Nagios is prone to an unspecified privilege-escalation scripting vulnerability.
An attacker with low-level privileges may exploit this issue to bypass authorization and cause arbitrary commands to run within the context of the Nagios server. This may aid in further attacks.
Few technical details are available at this time
we will update
this BID as more information emerges.
The issue affects versions prior to Nagios 3.0.5.
Solution
The vendor has released updates. Please see http://www.nagios.org/ for more information.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2008-5027 -
CVSS Base Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Mac OS X)
- Adobe Reader Plugin Signature Bypass Vulnerability (Mac OS X)
- Adobe Digital Edition Information Disclosure Vulnerability (Windows)
- Asterisk SIP Response Username Enumeration Remote Information Disclosure Vulnerability
- Apple Safari Multiple Memory Corruption Vulnerabilities-01 Aug14 (Mac OS X)