[v2.6] Vulnerability in nagios < 3.4.4 allows remote code execution
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6096
Solution:
- Upgrade to 3.4.4 (edge, v2.5)
- Patches: (v2.4 and below)
http://nagios.svn.sourceforge.net/viewvc/nagios/nagioscore/trunk/cgi/getcgi.c?view=patch&r1=2547&r2=2546&pathrev=2547
http://nagios.svn.sourceforge.net/viewvc/nagios/nagioscore/trunk/cgi/history.c?view=patch&r1=2547&r2=2546&pathrev=2547
(from redmine: issue id 1699, created on 2013-03-19, closed on 2013-04-17)
- Changesets:
- Revision 6e834735 by Natanael Copa on 2013-04-12T08:46:42Z:
main/nagios: upgrade to 3.5.0
fixes #1699 (CVE-2012-6096)