cbcvebase.

Debian Nagios4 vulnerabilities

5 known vulnerabilities affecting debian/nagios4.

Total CVEs
5
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
MEDIUM1LOW4

Vulnerabilities

Page 1 of 1
CVE-2018-13458P4LOWCVSS 5.5PoCfixed in nagios4 4.3.4-3 (bookworm)2018
CVE-2018-13458 [MEDIUM] CVE-2018-13458: nagios4 - qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference ... qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. Scope: local bookworm: resolved (fixed in 4.3.4-3) bullseye: resolved (fixed in 4.3.4-3) sid: resolved (fixed in 4.3.4-3) trixie: resolved (fixe
debian
CVE-2018-13457P4LOWCVSS 5.5PoCfixed in nagios4 4.3.4-3 (bookworm)2018
CVE-2018-13457 [MEDIUM] CVE-2018-13457: nagios4 - qh_echo in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference ... qh_echo in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. Scope: local bookworm: resolved (fixed in 4.3.4-3) bullseye: resolved (fixed in 4.3.4-3) sid: resolved (fixed in 4.3.4-3) trixie: resolved (fixe
debian
CVE-2018-13441P4LOWCVSS 5.5PoCfixed in nagios4 4.3.4-3 (bookworm)2018
CVE-2018-13441 [MEDIUM] CVE-2018-13441: nagios4 - qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dere... qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. Scope: local bookworm: resolved (fixed in 4.3.4-3) bullseye: resolved (fixed in 4.3.4-3) sid: resolved (fixed in 4.3.4-3) trixie: resolve
debian
CVE-2020-13977P4MEDIUMCVSS 4.9fixed in nagios4 4.3.4-4 (bookworm)2020
CVE-2020-13977 [MEDIUM] CVE-2020-13977: nagios4 - Nagios 4.4.5 allows an attacker, who already has administrative access to change... Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files. NOTE: this vulnerability has been mistakenly associated with CVE-2020-1408. Scope: local bookworm: resolv
debian
CVE-2018-18245P4LOWCVSS 5.4fixed in nagios4 4.3.4-3 (bookworm)2018
CVE-2018-18245 [MEDIUM] CVE-2018-18245: nagios4 - Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as de... Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified check_load plugin to NRPE. Scope: local bookworm: resolved (fixed in 4.3.4-3) bullseye: resolved (fixed in 4.3.4-3) sid: resolved (fixed in 4.3.4-3) trixie: resolved (fixed in 4.3.4-3)
debian
Debian Nagios4 vulnerabilities | cvebase