CVE-2008-5028 (retired)

Priority
Description
Cross-site request forgery (CSRF) vulnerability in cmd.cgi in (1) Nagios
3.0.5 and (2) op5 Monitor before 4.0.1 allows remote attackers to send
commands to the Nagios process, and trigger execution of arbitrary programs
by this process, via unspecified HTTP requests.
Notes
 mdeslaur> Nagios 1.x doesn't have the CMD_CHANGE commands, so remote attackers
  wouldn't be able to trigger arbitrary programs.
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-03-26 11:45:51 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)