fkie_nvd - fkie_cve-2007-5803

fkie_cve-2007-5803

Vulnerability from fkie_nvd

Published

2008-05-13 23:20

Modified

2024-11-21 00:38

Severity ?

Summary

Multiple cross-site scripting (XSS) vulnerabilities in CGI programs in Nagios before 2.12 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-5624 and CVE-2008-1360.

References

URL	Tags
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html	Exploit
cve@mitre.org	http://secunia.com/advisories/30202	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/30283	Vendor Advisory
cve@mitre.org	http://sourceforge.net/project/shownotes.php?release_id=600377
cve@mitre.org	http://sourceforge.net/project/shownotes.php?release_id=600377&group_id=26589
cve@mitre.org	http://www.securityfocus.com/bid/29140
cve@mitre.org	http://www.vupen.com/english/advisories/2008/1567/references
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/42522
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30202	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30283	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://sourceforge.net/project/shownotes.php?release_id=600377
af854a3a-2127-422b-91ae-364da2661108	http://sourceforge.net/project/shownotes.php?release_id=600377&group_id=26589
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29140
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1567/references
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/42522

Impacted products

Vendor	Product	Version
nagios	nagios	1.0b1
nagios	nagios	1.0b2
nagios	nagios	1.0b3
nagios	nagios	1.0b4
nagios	nagios	1.0b5
nagios	nagios	1.0b6
nagios	nagios	1.1
nagios	nagios	1.2
nagios	nagios	1.3
nagios	nagios	1.4
nagios	nagios	1.4.1
nagios	nagios	2.0
nagios	nagios	2.0b1
nagios	nagios	2.0b2
nagios	nagios	2.0b3
nagios	nagios	2.0b4
nagios	nagios	2.0b5
nagios	nagios	2.0b6
nagios	nagios	2.0rc1
nagios	nagios	2.0rc2
nagios	nagios	2.1
nagios	nagios	2.2
nagios	nagios	2.3
nagios	nagios	2.3.1
nagios	nagios	2.4
nagios	nagios	2.5
nagios	nagios	2.7
nagios	nagios	2.8
nagios	nagios	2.9
nagios	nagios	2.10
nagios	nagios	2.11

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nagios:nagios:1.0b1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52432776-C9C6-4CA7-B3D9-87513CBA5716",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:1.0b2:*:*:*:*:*:*:*",
              "matchCriteriaId": "601958D5-B393-4EFA-9A6F-A5A04A95F4BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:1.0b3:*:*:*:*:*:*:*",
              "matchCriteriaId": "99B2E88A-A611-43C5-8037-411D6B78EC03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:1.0b4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DCEFBFC-38BD-4F78-B068-1A90C6199CEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:1.0b5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E61ACC55-1002-4FA3-8E5A-52041CE5DCD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:1.0b6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C773265-0BE7-463A-8E24-84D804F14AF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A847327-D74E-460C-9F6F-E04C9B77E0C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F7425E3-F152-439B-B95F-5160E4593DBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5911624-5BD8-4A40-B417-FCD926D352BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF45013F-A844-4726-8B2A-EF602A3BC4C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0879A39F-7C92-4FD3-9FEF-2E7C4F2C0444",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A91E463-D239-4853-8A63-E01EE7DB319F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:2.0b1:*:*:*:*:*:*:*",
              "matchCriteriaId": "239CAF7F-E9BF-4D0F-BB99-EF51E1366516",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:2.0b2:*:*:*:*:*:*:*",
              "matchCriteriaId": "738DF14D-A716-46F0-87AC-2DB2F1E44594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:2.0b3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E8E1234-9F0D-4E6F-BF58-5DAE8E41DB85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:2.0b4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0073F69B-C5FA-470A-BA95-9C4E8033F5CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:2.0b5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAA7C5B6-C13D-4814-AA7B-444CF12E4DEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:2.0b6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1209D1C-DD27-41FC-8DAF-BFC0B4B1D602",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:2.0rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "39551FFC-E1F0-4D45-ADA6-AB3E74BB576D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:2.0rc2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BED52AA-BE20-447C-8896-4B591C42F66A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "82DE68E3-7003-4675-96A9-6F7308E1E39C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E3F8DC3-2F34-4E11-A796-4EA7CB17FDDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ADCBA8C-06DB-4D85-AEED-807E64A29DFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D3EE2D7-BD17-4C37-ABA3-79FCE8328EFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "927B8496-720D-4B15-A12E-52169AFB38D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F9E80B2-E349-488F-A870-9BD50D47A672",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1121E86B-13EB-4DE3-816A-002C6DC15A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C3374C3-9F57-4014-8712-DDDAB52998FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D4F00F-C732-477B-988A-25F8E8D32D07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7A5D5AC-9E4C-4F3B-A16A-C6DD18DD8D51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nagios:nagios:2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "725F9938-0A5C-4A59-BFA4-C58044DE26DB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple cross-site scripting (XSS) vulnerabilities in CGI programs in Nagios before 2.12 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-5624 and CVE-2008-1360."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de tipo cross-site scripting (XSS) en programas CGI en Nagios versiones anteriores a  2.12,  podr\u00edan permitir a atacantes remotos inyectar script web o HTML arbitrario por medio  de vectores no especificados, un problema diferente de CVE-2007-5624 y CVE-2008-1360."
    }
  ],
  "id": "CVE-2007-5803",
  "lastModified": "2024-11-21T00:38:43.887",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-05-13T23:20:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30202"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30283"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=600377"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=600377\u0026group_id=26589"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/29140"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1567/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42522"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30202"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=600377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=600377\u0026group_id=26589"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/29140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1567/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42522"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2007-5803

Vulnerability from cvelistv5

Published

2008-05-13 23:00

Modified

2024-08-07 15:47