Nagios

Nagios

37 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2014-5009

  • EPSS 2.69%
  • Published 31.03.2017 16:59:00
  • Last modified 20.04.2025 01:37:25

Snoopy allows remote attackers to execute arbitrary commands. NOTE: this vulnerability exists due to an incomplete fix for CVE-2014-5008.

9.8

CVE-2008-7313

  • EPSS 1.46%
  • Published 31.03.2017 16:59:00
  • Last modified 20.04.2025 01:37:25

The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists dues to an incomplete fix for CVE-2008-4796.

7.8

CVE-2016-10089

  • EPSS 0.1%
  • Published 15.02.2017 15:59:00
  • Last modified 20.04.2025 01:37:25

Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.

7.8

CVE-2016-9566

Exploit
  • EPSS 11.97%
  • Published 15.12.2016 22:59:00
  • Last modified 12.04.2025 10:46:40

base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged by remote attackers using CVE-2016-9565.

9.8

CVE-2016-9565

Exploit
  • EPSS 21.87%
  • Published 15.12.2016 22:59:00
  • Last modified 12.04.2025 10:46:40

MagpieRSS, as used in the front-end component in Nagios Core before 4.2.2 might allow remote attackers to read or write to arbitrary files by spoofing a crafted response from the Nagios RSS feed server. NOTE: this vulnerability exists because of an ...

2.1

CVE-2014-4703

Exploit
  • EPSS 0.44%
  • Published 05.12.2014 16:59:08
  • Last modified 12.04.2025 10:46:40

lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a symlink attack on the configuration file in the extra-opts flag. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4701.

2.1

CVE-2014-4702

  • EPSS 0.11%
  • Published 05.12.2014 16:59:07
  • Last modified 12.04.2025 10:46:40

The check_icmp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4701.

2.1

CVE-2014-4701

Exploit
  • EPSS 0.06%
  • Published 05.12.2014 16:59:05
  • Last modified 12.04.2025 10:46:40

The check_dhcp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4702.

5

CVE-2014-1878

  • EPSS 2.34%
  • Published 28.02.2014 15:13:04
  • Last modified 12.04.2025 10:46:40

Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and earlier, and Icinga before 1.8.6, 1.9 before 1.9.5, and 1.10 before 1.10.3 allows remote attackers to cause a denial of service (segmentation f...

4

CVE-2013-2214

  • EPSS 2.68%
  • Published 10.02.2014 23:55:04
  • Last modified 11.04.2025 00:51:21

status.cgi in Nagios 4.0 before 4.0 beta4 and 3.x before 3.5.1 does not properly restrict access to certain users that are a contact for a service, which allows remote authenticated users to obtain sensitive information about hostnames via the servic...