oss-sec mailing list archives
Re: CVE Request (nagios)
From: Andreas Ericsson <ae () op5 se>
Date: Mon, 08 Dec 2008 10:37:41 +0100
Josh Bressers wrote:
Hi Steve, I'm not seeing a CVE id for this. It seems the Nagios 3.0.6 release fixes a flaw: http://www.nagios.org/development/history/nagios-3x.php http://bugs.gentoo.org/show_bug.cgi?id=249876 Here is the patch: http://sourceforge.net/mailarchive/forum.php?thread_name=E1L6mat-0001sb-RN%40fdv4jf1.ch3.sourceforge.com&forum_name=nagios-checkins
CVE id 2008-5028 has been assigned to this. I requested a CVE id through this list on Nov 6 2008. Fairly full details on the two issues described in my original email (Message-Id: <49131C7E.8050105 () op5 se>) can be found at http://blogs.op5.org The patch has been publicly available since Nov 7, when I announced it on the nagios-devel mailing list. Both issues were reported to the Nagios dev team by Tim Starling on Oct 26. -- Andreas Ericsson andreas.ericsson () op5 se OP5 AB www.op5.se Tel: +46 8-230225 Fax: +46 8-230231
Current thread:
- CVE Request (nagios) Josh Bressers (Dec 05)
- Re: CVE Request (nagios) Andreas Ericsson (Dec 08)
- Re: CVE Request (nagios) Eygene Ryabinkin (Dec 08)
- Re: CVE Request (nagios) Andreas Ericsson (Dec 08)
- Re: CVE Request (nagios) Eygene Ryabinkin (Dec 08)
- Re: CVE Request (nagios) Jan Lieskovsky (Dec 08)
- Re: CVE Request (nagios) Eygene Ryabinkin (Dec 08)
- Re: CVE Request (nagios) Eygene Ryabinkin (Dec 08)
- Re: CVE Request (nagios) Eygene Ryabinkin (Dec 10)
- Re: CVE Request (nagios) Andreas Ericsson (Dec 10)
- Re: CVE Request (nagios) Eygene Ryabinkin (Dec 10)
- Re: CVE Request (nagios) Andreas Ericsson (Dec 10)
- Re: CVE Request (nagios) Eygene Ryabinkin (Dec 08)
- Re: CVE Request (nagios) Andreas Ericsson (Dec 08)
