Bug 33822 - nagios3: Multiple issues (3.3)
nagios3: Multiple issues (3.3)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 3.3
Other Linux
: P1 normal (vote)
: UCS 3.3-1-errata
Assigned To: Arvid Requate
Janek Walkenhorst
:
Depends on: 33821
Blocks:
  Show dependency treegraph
 
Reported: 2014-01-02 11:16 CET by Moritz Muehlenhoff
Modified: 2017-08-31 13:03 CEST (History)
1 user (show)

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score: 8.1 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Moritz Muehlenhoff univentionstaff 2014-01-02 11:16:40 CET
+++ This bug was initially created as a clone of Bug #33821 +++

Denial of service in various CGI scripts (CVE-2013-7205, CVE-2013-7108)
Cross-site request forgery (CVE-2013-7107)
Comment 1 Arvid Requate univentionstaff 2015-05-06 18:25:13 CEST
These three issues have also been classified as "Minor issue" in Debian
Comment 2 Stefan Gohmann univentionstaff 2015-09-01 14:32:03 CEST
The issues were classified as minor issues. Removing target milestone.
Comment 3 Arvid Requate univentionstaff 2016-12-19 13:19:39 CET
Upstream Debian Wheezy package version 3.4.1-3+deb7u3 fixes these issues:

* MagpieRSS, as used in the front-end component in Nagios Core before 4.2.2 might allow remote attackers to read or write to arbitrary files by spoofing a crafted response from the Nagios RSS feed server.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4796. (CVE-2016-9565)

* base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file.  NOTE: this can be leveraged by remote attackers using CVE-2016-9565. (CVE-2016-9566)

Either we update to the UCS 3.3 package 3.2.1-2+squeeze1 to the wheezy version or we need to packport the patch.
Comment 4 Arvid Requate univentionstaff 2016-12-19 16:36:47 CET
Patches backported: CVE-2014-1878 CVE-2016-9566

Not affected by CVE-2016-9565.

Advisory: nagios3.yaml
Comment 5 Janek Walkenhorst univentionstaff 2017-05-16 18:59:36 CEST
(In reply to Arvid Requate from comment #4)
> Advisory: nagios3.yaml
OK

Tests (amd64): OK
Comment 6 Janek Walkenhorst univentionstaff 2017-05-17 16:59:17 CEST
<http://errata.software-univention.de/ucs/3.3/32.html>