PHP Vunlnerability on Nagios server
Posted: Fri Oct 21, 2011 8:31 am
Hello,
Has anyone failed a Verizon scan on their Nagios server?
Our recent scan detected our Nagios server with having PHP vulnerabilities and listed below. I have tried upgrading OS from CentOS 5.4 to Cent OS 5.6 but did not remediate the vulnerabilities. I also tried upgrading PHP from 5.1.6 to 5.2.6 but broke Nagios - I was able to login to Nagios but when I start nagigating through the UI, some page would not load all the way. The page would just sit there trying to load, takes forever, and never loads.
CVE-2006-5465, CVE-2008-2666, CVE-2008-7002, CVE-2007-1521, CVE-2007-1396, CVE-2009-2626, CVE-2009-4018, CVE-2009-4142, CVE-2009-3293, CVE-2010-1130, CVE-2011-0708
Would upgrading to Nagios R1.7 or R1.8 which is on CentOS 6.0 help me with these vulnerabilities?
Thank you in advanced.
Has anyone failed a Verizon scan on their Nagios server?
Our recent scan detected our Nagios server with having PHP vulnerabilities and listed below. I have tried upgrading OS from CentOS 5.4 to Cent OS 5.6 but did not remediate the vulnerabilities. I also tried upgrading PHP from 5.1.6 to 5.2.6 but broke Nagios - I was able to login to Nagios but when I start nagigating through the UI, some page would not load all the way. The page would just sit there trying to load, takes forever, and never loads.
CVE-2006-5465, CVE-2008-2666, CVE-2008-7002, CVE-2007-1521, CVE-2007-1396, CVE-2009-2626, CVE-2009-4018, CVE-2009-4142, CVE-2009-3293, CVE-2010-1130, CVE-2011-0708
Would upgrading to Nagios R1.7 or R1.8 which is on CentOS 6.0 help me with these vulnerabilities?
Thank you in advanced.