[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] Nagios Core < 4.2.2 Curl Command Injection leading to Remote Code Execution [CVE-
From: Tomas Hoger <thoger () redhat ! com>
Date: 2016-12-21 22:30:15
Message-ID: 20161221233015.27a0038d () redhat ! com
[Download RAW message or body]
On Tue, 20 Dec 2016 17:12:58 -0200 Dawid Golunski wrote:
> Vulnerability:
> Nagios Core < 4.2.2 Curl Command Injection / Remote Code Execution
Your report should mention that this issue was in Snoopy:
https://sourceforge.net/projects/snoopy/
which was embedded in MagpieRSS, which was embedded in Nagios.
> CVE-2016-9565
It's the same issue as CVE-2014-5008:
http://seclists.org/oss-sec/2014/q3/176
--
Tomas Hoger / Red Hat Product Security
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic