Описание
Snoopy allows remote attackers to execute arbitrary commands.
Various command-execution flaws were found in the Snoopy library included with Nagios. These flaws allowed remote attackers to execute arbitrary commands by manipulating Nagios HTTP headers.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenStack Platform 3 | nagios | Will not fix | ||
| Red Hat OpenStack Platform 4 | nagios | Will not fix | ||
| Red Hat Storage 2.1 | nagios | Will not fix | ||
| Red Hat Storage 3.0 | nagios | Will not fix | ||
| Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6 | nagios | Fixed | RHSA-2017:0212 | 31.01.2017 |
| Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7 | nagios | Fixed | RHSA-2017:0211 | 31.01.2017 |
| Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7 | nagios | Fixed | RHSA-2017:0213 | 31.01.2017 |
| Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7 | nagios | Fixed | RHSA-2017:0214 | 31.01.2017 |
Показывать по
10
Дополнительная информация
Статус:
Important
https://bugzilla.redhat.com/show_bug.cgi?id=1121497snoopy: incomplete fixes for command execution flaws
EPSS
Процентиль: 90%
0.05547
Низкий
7.2 High
CVSS3
7.5 High
CVSS2
Связанные уязвимости
CVSS3: 9.8
ubuntu
почти 9 лет назад
Snoopy allows remote attackers to execute arbitrary commands.
CVSS3: 9.8
nvd
почти 9 лет назад
Snoopy allows remote attackers to execute arbitrary commands.
CVSS3: 9.8
debian
почти 9 лет назад
Snoopy allows remote attackers to execute arbitrary commands.
CVSS3: 9.8
github
больше 3 лет назад
Snoopy allows remote attackers to execute arbitrary commands.
EPSS
Процентиль: 90%
0.05547
Низкий
7.2 High
CVSS3
7.5 High
CVSS2