Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5803

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-5803
Last Modified 07 Mar 2011 10:01:19
Published 13 May 2008 07:20:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5803

Summary

Multiple cross-site scripting (XSS) vulnerabilities in CGI programs in Nagios before 2.12 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-5624 and CVE-2008-1360.

Vulnerable Systems

Application

  • Nagios 1.0b1

  • Nagios 1.0b2

  • Nagios 1.0b3

  • Nagios 1.0b4

  • Nagios 1.0b5

  • Nagios 1.0b6

  • Nagios 1.1

  • Nagios 1.2

  • Nagios 1.3

  • Nagios 1.4

  • Nagios 1.4.1

  • Nagios 2.0

  • Nagios 2.0b1

  • Nagios 2.0b2

  • Nagios 2.0b3

  • Nagios 2.0b4

  • Nagios 2.0b5

  • Nagios 2.0b6

  • Nagios 2.0rc1

  • Nagios 2.0rc2

  • Nagios 2.1

  • Nagios 2.10

  • Nagios 2.11

  • Nagios 2.2

  • Nagios 2.3

  • Nagios 2.3.1

  • Nagios 2.4

  • Nagios 2.5

  • Nagios 2.7

  • Nagios 2.8

  • Nagios 2.9


References

XF - nagios-cgi-unspecified-xss(42522)

VUPEN - ADV-2008-1567

BID - 29140

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=600377&group_id=26589

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=600377

SECUNIA - 30283

SECUNIA - 30202

SUSE - SUSE-SR:2008:011


Last Updated: 27 May 2016 10:46:17