Hi,
26.10.2008 04:56, Tim Starling wrote:
> I discovered a serious security problem with default nagios
> installations. I sent an email to nagios at nagios.org about it on
> October 22. I have not received a response.
>
> Is there anyone here who wants to look at it?
Quite surely... if you think the issue is too serious for public
disclosure, send mail to Ethan or Andreas, for example.
I'm also quite interested in this, but more because I think that
Nagios itself is, by its intended use in a purely administrative
environment without open access, not easily exploited by remote,
unautorized users... the cgis with anonymous access and the plugins,
of course, could easily hold security risks - but that's a different
thing than the Nagios core. Anyway, I'm curious.
Regards,
Arno
> -- Tim Starling
--
Arno Lehmann
IT-Service Lehmann
Sandstr. 6, 49080 Osnabrück
www.its-lehmann.de
This post was automatically imported from historical nagios-devel mailing list archives
Original poster: [email protected]