Red Hat Bugzilla – Bug 488118
CVE-2008-6373 nagios: unspecified vuln related to CGI programs
Last modified: 2010-12-23 17:53:59 EST
Common Vulnerabilities and Exposures assigned an identifier to
the following vulnerability:
Reference: CONFIRM: http://www.nagios.org/development/history/nagios-3x.php
Reference: CONFIRM: http://www.nagios.org/news/#88
Reference: URL: http://www.securityfocus.com/bid/32611
Reference: URL: http://secunia.com/advisories/32909
Unspecified vulnerability in Nagios before 3.0.6 has unspecified
impact and remote attack vectors related to CGI programs, "adaptive
external commands," and "writing newlines and submitting service
And a thread the discusses this issue:
Fedora 10 should be updated to 3.0.6 to correct this issue (3.0.6 is currently in testing).
For Fedora 9 and HPC which provide Nagios 2.x, this is a non-issue as this is due to an incomplete fix for CVE-2008-5028 and should therefore only affect Nagios 3.0.5 (so only affecting Fedora 10).
Sorry, this one refers to an incomplete CVE-2008-5027 fix, not -5028 (but again only affects Nagios 3.0.5).