CVE-2007-5803: XSS
First published: Tue May 13 2008(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in CGI programs in Nagios before 2.12 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-5624 and CVE-2008-1360.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nagios | =2.0b5 | |
| Nagios | =2.7 | |
| Nagios | =2.4 | |
| Nagios | =2.0b6 | |
| Nagios | =1.0b3 | |
| Nagios | =1.1 | |
| Nagios | =2.1 | |
| Nagios | =1.0b6 | |
| Nagios | =2.3.1 | |
| Nagios | =2.2 | |
| Nagios | =2.0b2 | |
| Nagios | =1.0b4 | |
| Nagios | =2.5 | |
| Nagios | =2.0b4 | |
| Nagios | =2.8 | |
| Nagios | =2.10 | |
| Nagios | =1.2 | |
| Nagios | =1.0b5 | |
| Nagios | =2.0b1 | |
| Nagios | =2.0 | |
| Nagios | =1.4 | |
| Nagios | =1.4.1 | |
| Nagios | =2.0b3 | |
| Nagios | =1.3 | |
| Nagios | =2.11 | |
| Nagios | =2.0rc1 | |
| Nagios | =2.3 | |
| Nagios | =1.0b1 | |
| Nagios | =1.0b2 | |
| Nagios | =2.9 | |
| Nagios | =2.0rc2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html
- http://secunia.com/advisories/30202
- http://sourceforge.net/project/shownotes.php?release_id=600377
- http://sourceforge.net/project/shownotes.php?release_id=600377&group_id=26589
- http://www.securityfocus.com/bid/29140
- http://secunia.com/advisories/30283
- http://www.vupen.com/english/advisories/2008/1567/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42522
Frequently Asked Questions
What is the severity of CVE-2007-5803?
CVE-2007-5803 is classified as a medium severity vulnerability that can lead to cross-site scripting (XSS) attacks.
How do I fix CVE-2007-5803?
To fix CVE-2007-5803, upgrade Nagios to a version after 2.12 which addresses these XSS vulnerabilities.
What software versions are affected by CVE-2007-5803?
CVE-2007-5803 affects multiple versions of Nagios including versions from 1.0b1 to 2.11.
What types of attacks can CVE-2007-5803 lead to?
CVE-2007-5803 can allow remote attackers to inject arbitrary web scripts or HTML, leading to potential data theft or session hijacking.
Is CVE-2007-5803 a single vulnerability?
No, CVE-2007-5803 refers to multiple cross-site scripting (XSS) vulnerabilities within Nagios software.
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/nagios
- canonical/nagios
- version/nagios/2.0b5
- version/nagios/2.7
- version/nagios/2.4
- version/nagios/2.0b6
- version/nagios/1.0b3
- version/nagios/1.1
- version/nagios/2.1
- version/nagios/1.0b6
- version/nagios/2.3.1
- version/nagios/2.2
- version/nagios/2.0b2
- version/nagios/1.0b4
- version/nagios/2.5
- version/nagios/2.0b4
- version/nagios/2.8
- version/nagios/2.10
- version/nagios/1.2
- version/nagios/1.0b5
- version/nagios/2.0b1
- version/nagios/2.0
- version/nagios/1.4
- version/nagios/1.4.1
- version/nagios/2.0b3
- version/nagios/1.3
- version/nagios/2.11
- version/nagios/2.0rc1
- version/nagios/2.3
- version/nagios/1.0b1
- version/nagios/1.0b2
- version/nagios/2.9
- version/nagios/2.0rc2