Detections
Analytics
Nagios XI < 2011R1.9 Multiple Vulnerabilities
medium Nessus Plugin ID 61429
Language:
Synopsis
The remote web server contains a PHP application that is affected by multiple vulnerabilities.Description
The version of Nagios XI hosted on the remote web server is affected by multiple vulnerabilities :- A privilege escalation vulnerability exists in the method used to install RPMs.
- A privilege escalation vulnerability exists in the method used to edit crontab files.
- Multiple reflective cross-site scripting vulnerabilities exist due to the failure to sanitize the query strings of GET requests.
- A stored cross-site scripting vulnerability exists in the 'reports/myreports.php' script due to the failure to sanitize the report name.
An attacker can leverage the cross-site scripting issues by enticing a user to follow a malicious URL, causing attacker-specified script code to run inside the user's browser in the context of the affected site. Information harvested this way may aid in launching further attacks.
Solution
Upgrade to Nagios XI 2011R1.9 build 20111213 or later.See Also
http://0a29.blogspot.com/2011/12/0a29-11-4-privilege-escalation.html
https://www.securityfocus.com/archive/1/520876/30/0/threaded
http://0a29.blogspot.com/2011/12/0a29-11-3-cross-site-scripting.html
https://www.securityfocus.com/archive/1/520875/30/0/threaded
https://assets.nagios.com/downloads/nagiosxi/CHANGES-2011.TXT
Plugin Details
Severity: Medium
ID: 61429
File Name: nagiosxi_2011r1_9.nasl
Version: 1.11
Type: remote
Family: CGI abuses
Published: 8/6/2012
Updated: 1/19/2021
Supported Sensors: Nessus
Risk Information
CVSS v2
Risk Factor: Medium
Base Score: 4.6
Temporal Score: 3.8
Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/a:nagios:nagios
Required KB Items: www/nagios_xi
Excluded KB Items: Settings/disable_cgi_scanning
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 12/14/2011
Vulnerability Publication Date: 12/13/2011