1
PublicDateAtUSN: 2011-05-03
2
Candidate: CVE-2011-1523
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1523
6
http://www.rul3z.de/advisories/SSCHADV2011-002.txt
7
https://usn.ubuntu.com/usn/usn-1151-1
9
Cross-site scripting (XSS) vulnerability in statusmap.c in statusmap.cgi in
10
Nagios 3.2.3 and earlier allows remote attackers to inject arbitrary web
11
script or HTML via the layer parameter.
15
https://bugzilla.redhat.com/show_bug.cgi?id=690877
16
http://tracker.nagios.org/view.php?id=207
17
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629127
18
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629131
20
Discovered-by: Stefan Schurtz
24
upstream_nagios: needs-triage
25
dapper_nagios: ignored (reached end-of-life)
32
precise/esm_nagios: DNE
39
vivid/stable-phone-overlay_nagios: DNE
40
vivid/ubuntu-core_nagios: DNE
50
upstream_nagios2: needs-triage
52
hardy_nagios2: ignored (reached end-of-life)
58
precise/esm_nagios2: DNE
65
vivid/stable-phone-overlay_nagios2: DNE
66
vivid/ubuntu-core_nagios2: DNE
76
upstream_nagios3: released (3.2.3-3)
79
lucid_nagios3: released (3.2.0-4ubuntu2.2)
80
maverick_nagios3: released (3.2.1-2ubuntu1.2)
81
natty_nagios3: released (3.2.3-1ubuntu1.2)
82
oneiric_nagios3: not-affected (3.2.3-3)
83
precise_nagios3: not-affected (3.2.3-3)
84
precise/esm_nagios3: DNE (precise was not-affected [3.2.3-3])
85
quantal_nagios3: not-affected (3.2.3-3)
86
raring_nagios3: not-affected (3.2.3-3)
87
saucy_nagios3: not-affected (3.2.3-3)
88
trusty_nagios3: not-affected (3.2.3-3)
89
utopic_nagios3: not-affected (3.2.3-3)
90
vivid_nagios3: not-affected (3.2.3-3)
91
vivid/stable-phone-overlay_nagios3: DNE
92
vivid/ubuntu-core_nagios3: DNE
93
wily_nagios3: not-affected (3.2.3-3)
94
xenial_nagios3: not-affected (3.2.3-3)
95
yakkety_nagios3: not-affected (3.2.3-3)
96
zesty_nagios3: not-affected (3.2.3-3)
97
artful_nagios3: not-affected (3.2.3-3)
98
bionic_nagios3: not-affected (3.2.3-3)
99
devel_nagios3: not-affected (3.2.3-3)
102
upstream_icinga: needs-triage
105
maverick_icinga: ignored (reached end-of-life)
106
natty_icinga: ignored (reached end-of-life)
107
oneiric_icinga: ignored (reached end-of-life)
108
precise_icinga: ignored (reached end-of-life)
109
precise/esm_icinga: DNE (precise was needs-triage)
110
quantal_icinga: ignored (reached end-of-life)
111
raring_icinga: ignored (reached end-of-life)
112
saucy_icinga: ignored (reached end-of-life)
113
trusty_icinga: needs-triage
114
utopic_icinga: ignored (reached end-of-life)
115
vivid_icinga: ignored (reached end-of-life)
116
vivid/stable-phone-overlay_icinga: DNE
117
vivid/ubuntu-core_icinga: DNE
118
wily_icinga: ignored (reached end-of-life)
119
xenial_icinga: needs-triage
120
yakkety_icinga: ignored (reached end-of-life)
121
zesty_icinga: ignored (reached end-of-life)
122
artful_icinga: needs-triage
123
bionic_icinga: needs-triage
124
devel_icinga: needs-triage