[Pkg-nagios-devel] Bug#504894: SA32610: Nagios "cmd.cgi" Cross-Site Request Forgery

Raphael Geissert atomo64 at gmail.com
Fri Nov 21 00:56:25 UTC 2008


retitle 504894 CVE-2008-5028: Nagios "cmd.cgi" cross-site request forgery
thanks

2008/11/7 Raphael Geissert <atomo64 at gmail.com>:
[...]
>
> A proposed patch is available at [2].
>
> If you fix the vulnerability please also make sure to include the SA id (or
> the CVE id when one is assigned) in the changelog entry.

This issue has been assigned the following id: CVE-2008-5028, please
use it instead of the Secunia Advisory when fixing/referring to this
bug.

Btw, what's the ETA?

>
> [1]http://secunia.com/Advisories/32610/
> [2]http://git.op5.org/git/?p=nagios.git;a=commit;h=814d8d4d1a73f7151eeed187c0667585d79fea18
>
> Cheers,

Cheers,
-- 
Raphael Geissert - Debian Maintainer
www.debian.org - get.debian.net

Alfred Hitchcock  - "Television has brought back murder into the home
- where it belongs."





More information about the Pkg-nagios-devel mailing list