[Pkg-nagios-devel] Bug#504894: SA32610: Nagios "cmd.cgi" Cross-Site Request Forgery

Raphael Geissert atomo64 at gmail.com
Fri Nov 21 00:56:25 UTC 2008

retitle 504894 CVE-2008-5028: Nagios "cmd.cgi" cross-site request forgery

2008/11/7 Raphael Geissert <atomo64 at gmail.com>:
> A proposed patch is available at [2].
> If you fix the vulnerability please also make sure to include the SA id (or
> the CVE id when one is assigned) in the changelog entry.

This issue has been assigned the following id: CVE-2008-5028, please
use it instead of the Secunia Advisory when fixing/referring to this

Btw, what's the ETA?

> [1]http://secunia.com/Advisories/32610/
> [2]http://git.op5.org/git/?p=nagios.git;a=commit;h=814d8d4d1a73f7151eeed187c0667585d79fea18
> Cheers,

Raphael Geissert - Debian Maintainer
www.debian.org - get.debian.net

Alfred Hitchcock  - "Television has brought back murder into the home
- where it belongs."

More information about the Pkg-nagios-devel mailing list