[Pkg-nagios-devel] Bug#504894: SA32610: Nagios "cmd.cgi" Cross-Site Request Forgery
Raphael Geissert
atomo64 at gmail.com
Fri Nov 21 00:56:25 UTC 2008
retitle 504894 CVE-2008-5028: Nagios "cmd.cgi" cross-site request forgery
thanks
2008/11/7 Raphael Geissert <atomo64 at gmail.com>:
[...]
>
> A proposed patch is available at [2].
>
> If you fix the vulnerability please also make sure to include the SA id (or
> the CVE id when one is assigned) in the changelog entry.
This issue has been assigned the following id: CVE-2008-5028, please
use it instead of the Secunia Advisory when fixing/referring to this
bug.
Btw, what's the ETA?
>
> [1]http://secunia.com/Advisories/32610/
> [2]http://git.op5.org/git/?p=nagios.git;a=commit;h=814d8d4d1a73f7151eeed187c0667585d79fea18
>
> Cheers,
Cheers,
--
Raphael Geissert - Debian Maintainer
www.debian.org - get.debian.net
Alfred Hitchcock - "Television has brought back murder into the home
- where it belongs."
More information about the Pkg-nagios-devel
mailing list