Back to search
CVE-2008-5028
Published: Nov 10, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Cross-site request forgery (CSRF) vulnerability in cmd.cgi in (1) Nagios 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote attackers to send commands to the Nagios process, and trigger execution of arbitrary programs by this process, via unspecified HTTP requests.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
nagios-cmd-csrf(46426)
vdb-entry
x_refsource_XF
[nagios-devel] 20081107 Security fixes completed
mailing-list
x_refsource_MLIST
op5monitor-unspecified-csrf(46521)
vdb-entry
x_refsource_XF
GLSA-200907-15
vendor-advisory
x_refsource_GENTOO
33320
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20081106 CVE request: Nagios (two issues)
mailing-list
x_refsource_MLIST
1022165
vdb-entry
x_refsource_SECTRACK
USN-698-3
vendor-advisory
x_refsource_UBUNTU
ADV-2008-3029
vdb-entry
x_refsource_VUPEN
SSRT090060
vendor-advisory
x_refsource_HP
HPSBMA02419
vendor-advisory
x_refsource_HP
ADV-2009-1256
vdb-entry
x_refsource_VUPEN
32610
third-party-advisory
x_refsource_SECUNIA
32630
third-party-advisory
x_refsource_SECUNIA
35002
third-party-advisory
x_refsource_SECUNIA
49678
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now