Nagios.Statuswml.Cgi.Command.Execution
Description
This indicates a possible attack against a remote code-execution vulnerability in statuswml.cgi file of Nagios.
The vulnerability is due to the software's inability to properly handle shell metacharacters in its ping and traceroute commands. Remote attackers may exploit this to execute arbitrary code.
Affected Products
Nagios before 3.1.1
Impact
System compromise
Recommended Actions
You may upgrade your system to Nagios 3.1.1 or later.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |