
NagiosXI SQL injection vulnerability

Posted: Thu Apr 04, 2019 8:21 am
by markmerchant


Version
    NagiosXI: Nagios XI 5.5.11
    uname -a: Linux cvglqnagios01.td.afg 3.10.0-957.5.1.el7.x86_64 #1 SMP Wed Dec 19 10:46:58 EST 2018 x86_64 x86_64 x86_64 GNU/Linux

Problem
    After upgrading Nagios XI to 5.5.11 we received notice from our Qualys team
    that the server is still vulnerable to CVE-2018-10738, CVE-2018-10737,
    CVE-2018-10736, and/or CVE-2018-10735.

Suggested solution
    They are advising that we create the following file and add a stanza. Is
    this a supported fix? Thx.

    /etc/httpd/conf.d/nagiosql.conf
        Alias /nagiosql "/var/www/html/nagiosql"

        <Directory "/var/www/html/nagiosql">
           Options None
           AllowOverride None
           Order deny,allow
           Deny from all
        </Directory>

Re: NagiosXI SQL injection vulnerability

Posted: Thu Apr 04, 2019 8:58 am
by markmerchant
Looks like this is some sort of add-on to our original Nagios installation left over from about 2012.

I am going to delete the directory and see what happens.

Re: NagiosXI SQL injection vulnerability

Posted: Thu Apr 04, 2019 9:12 am
by scottwilkerson
markmerchant wrote:
    Looks like this is some sort of add-on to our original Nagios installation left over from about 2012.

    I am going to delete the directory and see what happens.

That would be a correct assessment; we do not use the nagiosql directory in XI 5.5.11.
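For anyone who keeps the leftover nagiosql directory instead of deleting it, the following script is an added example (not from this thread or from Nagios) of applying the proposed deny stanza and verifying it. It assumes CentOS 7 with httpd 2.4 (the kernel string above is a CentOS 7 build), and uses the alias, path and file name from the first post; note that "Order/Deny from" is Apache 2.2 syntax that only works on 2.4 through mod_access_compat, so the script emits the native 2.4 form.

```shell
#!/bin/sh
# Added example, not code from the thread or from Nagios. Assumes CentOS 7
# with httpd 2.4; path, alias and config file name are from the first post.
NAGIOSQL_DIR="/var/www/html/nagiosql"
CONF="/etc/httpd/conf.d/nagiosql.conf"

# Emit the deny stanza in Apache 2.4 syntax. "Order deny,allow / Deny from
# all" is 2.2 syntax; on 2.4 it needs mod_access_compat (loaded by default on
# CentOS 7, but not guaranteed elsewhere), whereas "Require all denied" is
# the native 2.4 directive and needs no compatibility module.
nagiosql_deny_conf() {
    cat <<EOF
Alias /nagiosql "$1"

<Directory "$1">
    Options None
    AllowOverride None
    Require all denied
</Directory>
EOF
}

# Map the HTTP status of GET /nagiosql/ to a verdict: the leftover app is
# only out of reach when the server refuses (403) or no longer serves (404).
verdict_for_status() {
    case "$1" in
        403|404) echo blocked ;;
        200)     echo exposed ;;
        *)       echo unknown ;;
    esac
}

# Write the stanza, syntax-check before reloading, then probe the path locally.
apply_and_verify() {
    if [ ! -d "$NAGIOSQL_DIR" ]; then
        echo "no $NAGIOSQL_DIR on disk; nothing to block"
        return 0
    fi
    nagiosql_deny_conf "$NAGIOSQL_DIR" > "$CONF"
    apachectl configtest && systemctl reload httpd
    status=$(curl -s -o /dev/null -w '%{http_code}' http://localhost/nagiosql/)
    echo "GET /nagiosql/ -> $status ($(verdict_for_status "$status"))"
}

# The privileged part only runs when invoked as: sh nagiosql-deny.sh apply
if [ "${1:-}" = "apply" ]; then
    apply_and_verify
fi
```

Re-run the Qualys scan after the reload; a 403 or 404 on /nagiosql/ is what the scanner needs to see.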