Vulnerability CVE-2018-13458


Published: 2018-07-12

Description:
qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Nagios Core 4.4.1 Denial of Service
Fakhri Zulkifli
30.07.2018

Type:

CWE-476

(NULL Pointer Dereference)

Vendor: Nagios
Product: Nagios core 
Version: 4.4.1;

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
https://gist.github.com/fakhrizulkifli/40f3daf52950cca6de28ebec2498ff6e
https://knowledge.opsview.com/v5.3/docs/whats-new
https://knowledge.opsview.com/v5.4/docs/whats-new
https://www.exploit-db.com/exploits/45082/

Related CVE
CVE-2018-20172
An issue was discovered in Nagios XI before 5.5.8. The rss_url parameter of rss_dashlet/magpierss/scripts/magpie_slashbox.php is not filtered, resulting in an XSS vulnerability.
CVE-2018-20171
An issue was discovered in Nagios XI before 5.5.8. The url parameter of rss_dashlet/magpierss/scripts/magpie_simple.php is not filtered, resulting in an XSS vulnerability.
CVE-2018-18245
Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified check_load plugin to NRPE.
CVE-2018-15714
Nagios XI 5.5.6 allows reflected cross site scripting from remote unauthenticated attackers via the oname and oname2 parameters.
CVE-2018-15713
Nagios XI 5.5.6 allows persistent cross site scripting from remote authenticated attackers via the stored email address in admin/users.php.
CVE-2018-15712
Nagios XI 5.5.6 allows reflected cross site scripting from remote unauthenticated attackers via the host parameter in api_tool.php.
CVE-2018-15711
Nagios XI 5.5.6 allows remote authenticated attackers to reset and regenerate the API key of more privileged users. The attacker can then use the new API key to execute API calls at elevated privileges.
CVE-2018-15710
Nagios XI 5.5.6 allows local authenticated attackers to escalate privileges to root via Autodiscover_new.php.

Copyright 2019, cxsecurity.com

 

Back to Top