PHP Vulnerability on Nagios server

tgfde
Posts: 233
Joined: Thu May 12, 2011 7:55 am

PHP Vulnerability on Nagios server

Post by tgfde »

Hello,

Has anyone failed a Verizon scan on their Nagios server?

Our recent scan flagged our Nagios server as having the PHP vulnerabilities listed below. I have tried upgrading the OS from CentOS 5.4 to CentOS 5.6, but that did not remediate the vulnerabilities. I also tried upgrading PHP from 5.1.6 to 5.2.6, but that broke Nagios - I was able to log in to Nagios, but when I start navigating through the UI, some pages would not load all the way. The page would just sit there trying to load, takes forever, and never loads.

CVE-2006-5465, CVE-2008-2666, CVE-2008-7002, CVE-2007-1521, CVE-2007-1396, CVE-2009-2626, CVE-2009-4018, CVE-2009-4142, CVE-2009-3293, CVE-2010-1130, CVE-2011-0708

Would upgrading to Nagios R1.7 or R1.8 which is on CentOS 6.0 help me with these vulnerabilities?

Thank you in advance.
mguthrie
Posts: 4380
Joined: Mon Jun 14, 2010 10:21 am

Re: PHP Vulnerability on Nagios server

Post by mguthrie »

I'm not sure what I'm looking at with those vulnerabilities; you'd probably have to look at PHP's website as to what vulnerabilities have been fixed and when.

As far as XI goes, if you've upgraded from PHP 5.1.6 to 5.2.6, you may need to specify your timezone in the /etc/php.ini file. Also, go ahead and post any errors you're seeing in your /var/log/httpd/error_log. I'd also recommend clearing your JavaScript cache by pressing shift+reload.