MGASA-2021-0209 - Updated nagios packages fix a security vulnerability Publication date: 12 May 2021 URL: https://advisories.mageia.org/MGASA-2021-0209.html Type: security Affected Mageia releases: 7 CVE: CVE-2020-13977 Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files (CVE-2020-13977). References: - https://bugs.mageia.org/show_bug.cgi?id=28557 - https://lists.fedoraproject.org/archives/list/[email protected]/thread/JUEIABR4Y6L5J5MZDFWU46ZWXMJO64U3/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13977 SRPMS: - 7/core/nagios-4.4.3-2.1.mga7
Mageia 2021-0209: nagios security update
Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via cr...
Summary
Nagios 4.4.5 allows an attacker, who already has administrative access to
change the "URL for JSON CGIs" configuration setting, to modify the Alert
Histogram and Trends code via crafted versions of the archivejson.cgi,
objectjson.cgi, and statusjson.cgi files (CVE-2020-13977).
References
- https://bugs.mageia.org/show_bug.cgi?id=28557
- https://lists.fedoraproject.org/archives/list/[email protected]/thread/JUEIABR4Y6L5J5MZDFWU46ZWXMJO64U3/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13977
Resolution
MGASA-2021-0209 - Updated nagios packages fix a security vulnerability
SRPMS
- 7/core/nagios-4.4.3-2.1.mga7
Severity
Publication date: 12 May 2021
URL: https://advisories.mageia.org/MGASA-2021-0209.html
Type: security
CVE: CVE-2020-13977
News
HOWTOs
About Us
Powered By
