Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

CVE-2021-3193 questions

https://support.nagios.com/forum/viewtopic.php?t=61469

Page 1 of 1

CVE-2021-3193 questions

Posted: Wed Jan 27, 2021 10:08 am
by UWBernie
I'm hoping to find out anything more about CVE-2021-3193. Specifically:



Were there active exploits that prompted them to release the update, or just POC's?
When did they first learn about the POC's (or exploits)?
What is the evidence to look for if it was exploited on the box?
When was the update released? (One site says 1/21, one says 1/22.)

Re: CVE-2021-3193 questions

Posted: Thu Jan 28, 2021 11:45 am
by benjaminsmith
Hi,

It was brought to our attention by a customer, the exploit was patched and we filed the corresponding CVE.

If you feel your system has been compromised, please PM me the system profile and we'll review this for you right away. Alternatively, run a top command and look for the avalonsabre process.

Best Regards,
Benjamin
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited