CVE-2008-7313 — Command Injection in Nagios
Severity
9.8CRITICALNVD
CNA10.0OSV10.0
EPSS
1.5%
top 19.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 31
Latest updateMay 17
Description
The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists dues to an incomplete fix for CVE-2008-4796.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9
Affected Packages2 packages
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-wr36-qh3g-7h4v: The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands↗2022-05-17
OSV▶
CVE-2008-7313: The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands↗2017-03-31
CVEList▶
CVE-2008-7313: The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands↗2017-03-31
📋Vendor Advisories
2💬Community
6Bugzilla▶
CVE-2014-5009 CVE-2014-5008 CVE-2008-7313 wordpress-mu: snoopy: incomplete fixes for command execution flaws [epel-5]↗2014-07-21
Bugzilla▶
CVE-2014-5009 CVE-2014-5008 CVE-2008-7313 sahana: snoopy: incomplete fixes for command execution flaws [epel-5]↗2014-07-21
Bugzilla▶
CVE-2014-5009 CVE-2014-5008 CVE-2008-7313 nagios: snoopy: incomplete fixes for command execution flaws [epel-all]↗2014-07-21
Bugzilla▶
CVE-2014-5009 CVE-2014-5008 CVE-2008-7313 nagios: snoopy: incomplete fixes for command execution flaws [fedora-all]↗2014-07-21
Bugzilla▶
CVE-2014-5009 CVE-2014-5008 CVE-2008-7313 sahana: snoopy: incomplete fixes for command execution flaws [fedora-all]↗2014-07-21