NVD

Id
22411  
Name
CVE-2016-9565  
Description
MagpieRSS, as used in the front-end component in Nagios Core before 4.2.2 might allow remote attackers to read or write to arbitrary files by spoofing a crafted response from the Nagios RSS feed server. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4796.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2016-12-15  
Modified Date
2016-12-16  
Seq
2016-9565  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
118997 22411 CVE-2016-9565 http://packetstormsecurity.com/files/140169/Nagios-Core-Curl-Command-Injection-Code-Execution.html  View
118998 22411 CVE-2016-9565 20161215 Nagios Core < 4.2.2 Curl Command Injection leading to Remote Code Execution [CVE-2016-9565]  View
118999 22411 CVE-2016-9565 20161215 Nagios Core < 4.2.2 Curl Command Injection leading to Remote Code Execution [CVE-2016-9565]  View
119000 22411 CVE-2016-9565 94922  View
119001 22411 CVE-2016-9565 https://legalhackers.com/advisories/Nagios-Exploit-Command-Injection-CVE-2016-9565-2008-4796.html  View
119002 22411 CVE-2016-9565 https://www.nagios.org/projects/nagios-core/history/4x/  View

Related JVN