Test ID:	1.3.6.1.4.1.25623.1.0.63165
Category:	FreeBSD Local Security Checks
Title:	FreeBSD Ports: nagios
Summary:	The remote host is missing an update to the system; as announced in the referenced advisory.
Description:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: nagios nagios2 CVE-2008-5027 The Nagios process in (1) Nagios before 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote authenticated users to bypass authorization checks, and trigger execution of arbitrary programs by this process, via an (a) custom form or a (b) browser addon. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5027 BugTraq ID: 32156 http://www.securityfocus.com/bid/32156 http://security.gentoo.org/glsa/glsa-200907-15.xml HPdes Security Advisory: HPSBMA02419 http://marc.info/?l=bugtraq&m=124156641928637&w=2 HPdes Security Advisory: SSRT090060 http://www.nagios.org/development/history/nagios-3x.php http://sourceforge.net/mailarchive/forum.php?thread_name=4914396D.5010009%40op5.se&forum_name=nagios-devel http://www.openwall.com/lists/oss-security/2008/11/06/2 http://www.securitytracker.com/id?1022165 http://secunia.com/advisories/33320 http://secunia.com/advisories/35002 http://www.ubuntu.com/usn/USN-698-1 https://www.ubuntu.com/usn/USN-698-3/ http://www.vupen.com/english/advisories/2008/3029 http://www.vupen.com/english/advisories/2008/3364 http://www.vupen.com/english/advisories/2009/1256
Copyright	Copyright (C) 2009 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.