rpm package
suse/nagios&distro=SUSE Package Hub 15 SP1
pkg:rpm/suse/nagios&distro=SUSE%20Package%20Hub%2015%20SP1
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-3698 | — | < 4.4.5-bp151.4.3.1 | 4.4.5-bp151.4.3.1 | Feb 28, 2020 | UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause cause DoS or potentially escalate privileges by winning a race. This issue | ||
| CVE-2018-18245 | — | < 4.4.5-bp151.4.3.1 | 4.4.5-bp151.4.3.1 | Dec 17, 2018 | Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified check_load plugin to NRPE. | ||
| CVE-2018-13458 | — | < 4.4.5-bp151.4.3.1 | 4.4.5-bp151.4.3.1 | Jul 12, 2018 | qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. | ||
| CVE-2018-13457 | — | < 4.4.5-bp151.4.3.1 | 4.4.5-bp151.4.3.1 | Jul 12, 2018 | qh_echo in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. | ||
| CVE-2018-13441 | — | < 4.4.5-bp151.4.3.1 | 4.4.5-bp151.4.3.1 | Jul 12, 2018 | qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. |
- CVE-2019-3698Feb 28, 2020affected < 4.4.5-bp151.4.3.1fixed 4.4.5-bp151.4.3.1
UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause cause DoS or potentially escalate privileges by winning a race. This issue
- CVE-2018-18245Dec 17, 2018affected < 4.4.5-bp151.4.3.1fixed 4.4.5-bp151.4.3.1
Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified check_load plugin to NRPE.
- CVE-2018-13458Jul 12, 2018affected < 4.4.5-bp151.4.3.1fixed 4.4.5-bp151.4.3.1
qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
- CVE-2018-13457Jul 12, 2018affected < 4.4.5-bp151.4.3.1fixed 4.4.5-bp151.4.3.1
qh_echo in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
- CVE-2018-13441Jul 12, 2018affected < 4.4.5-bp151.4.3.1fixed 4.4.5-bp151.4.3.1
qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.