FrSIRT - Fedora Security Update Fixes Nagios Cross Site Scripting Vulnerability / Exploit

French Security Incident Response Team

Français

English

Fedora Security Update Fixes Nagios Cross Site Scripting Vulnerability

Date de Publication : 2007-12-10 © FrSIRT.COM
Titre : Fedora Security Update Fixes Nagios Cross Site Scripting Vulnerability
Identifiant : FrSIRT/AVIS-2007-4128
CVE ID : CVE-2007-5624
Risque : Bas (1/4) -

Exploitable à distance : Oui
Exploitable en local : Oui

En savoir plus

Description

Produits affectés

Solution

Références

Description Technique

Une vulnérabilité a été identifiée dans Fedora, elle pourrait être exploitée par des utilisateurs distants afin de conduire des attaques par cross site scripting [...]

Solution

Installer les mises à jour :

81a09c13426f60076844496abc54dfbbb84cf7eb nagios-2.10-3.fc7.ppc64.rpm
5a67dea82d753a85bd8329a0e4462308af1bfa4e nagios-devel-2.10-3.fc7.ppc64.rpm
fdcf9b005c71e13bab0b0ae15ead14a116663572 nagios-debuginfo-2.10-3.fc7.ppc64.rpm
796b3f95e7bcf124d67b070f0ebb760fac94b586 nagios-debuginfo-2.10-3.fc7.i386.rpm
7a2750b4b308fcd4e918f512dde840cbec40f575 nagios-2.10-3.fc7.i386.rpm
dbf21db3daf78190c891300e3b073c7204030549 nagios-devel-2.10-3.fc7.i386.rpm
f6c41af4c271858928caceef6147cf03c3df0947 nagios-devel-2.10-3.fc7.x86_64.rpm
c8f6a68c6dc38347553a03ea672837322a9fe772 nagios-2.10-3.fc7.x86_64.rpm
846ccdd5400f7cc834150de8965708aa31a9d6e7 nagios-debuginfo-2.10-3.fc7.x86_64.rpm
c8245be56d2ecc43ff8f69bc81dfd077cc7c8731 nagios-debuginfo-2.10-3.fc7.ppc.rpm
11f80539b413951ea1598425194294782075b920 nagios-devel-2.10-3.fc7.ppc.rpm
3fb7387e9f8277ca3e85c3f8f747df7112f24c2d nagios-2.10-3.fc7.ppc.rpm
2b7b4c15444d0ace086815e9905241fc2742d639 nagios-2.10-3.fc7.src.rpm

Historique

2007-12-10 : Version Initiale

Recevez les bulletins FrSIRT

Le service FrSIRT VNS permet aux professionnels de la sécurité (RSSI, DSI, administrateurs et consultants) de recevoir en temps-réel, par email, SMS et flux RSS/XML, des bulletins de vulnérabilités complets, détaillés et personnalisés.

Recherche

Newsletter

	Sun Solaris System Management Agent Buffer Overflow Vulnerability
	Sun Update Fixes Mozilla Thunderbird Multiple Vulnerabilities
	Sun Java JDK and JRE Code Execution Vulnerabilities
	Sun Solaris DNS Protocol Remote Cache Poisoning Vulnerability
	Sun Solaris Tomcat JSP/Servlet Container Multiple Vulnerabilities
	Sun Java System Access Manager XSLT Code Execution Vulnerability
	Sun Solaris 10 Adobe Reader Multiple Code Execution Vulnerabilities

	Apple iPhone and iPod touch Multiple Code Execution Vulnerabilities
	Apple Xcode Code Execution and Information Disclosure Vulnerabilities
	Apple TV Data Processing Remote Code Execution Vulnerabilities
	Apple Mac OS X Command Execution Vulnerabilities
	Apple Safari for Mac OS X Remote Code Execution Vulnerability
	Apple Mac OS X ARDAgent Local Privilege Escalation Vulnerability
	Apple Safari Code Execution and Information Disclosure Vulnerabilities

	Mozilla Firefox for Mac OS X GIF Rendering Code Execution Vulnerability
	Mozilla Products Remote Code Execution Vulnerabilities
	Mozilla Products Code Execution and Injection Vulnerabilities
	Mozilla JavaScript Garbage Collector Code Execution Vulnerability
	Mozilla Thunderbird Code Execution and Cross Site Scripting Issues
	Mozilla Firefox and SeaMonkey Multiple Remote Code Execution Issues
	Mozilla Thunderbird Multiple Security Bypass and Code Execution Issues