
Bug 178621

Summary: >=net-analyzer/nagios-2.x "functions/prepend_adm.php" File Inclusion
Product: Gentoo Security
Reporter: Lars Hartmann <lars>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED INVALID
Severity: normal
Priority: High
Version: unspecified
Hardware: All
OS: Linux
URL: http://secunia.com/advisories/25274/
Whiteboard:
Package list:
Runtime testing required: ---

Description Lars Hartmann 2007-05-15 11:29:08 UTC
Some vulnerabilities have been discovered in NagiosQL, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.

Input passed to the "SETS[path][physical]" and "SETS[path][IT]" parameters in functions/prepend_adm.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources.

Successful exploitation requires that "register_globals" is enabled.

The vulnerabilities are confirmed in version 2.00-P00. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly verified.

Reproducible: Always
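As an added illustration of the pattern the advisory describes (this is constructed example code, not NagiosQL's or Nagios's source and not part of the bug report), the fragment below contrasts an include whose base path comes from an array that register_globals lets the request populate with a hardened form that derives the path only from the application's own configuration and checks it before including. Only the array name SETS, the keys path/physical and path/IT, and the file name prepend_adm.php come from the advisory; the constant APP_BASE, the helper safe_include() and the included file name inc/common.php are assumptions made for the example.

```php
<?php
// Constructed example, not NagiosQL code. Under register_globals=On, a request such as
// ?SETS[path][physical]=<value> creates $SETS before this script runs, so a script that
// trusts $SETS to have come from its own config cannot tell a local value from a remote one.

// --- Vulnerable pattern (kept commented out; this is what the advisory describes) ---
// $SETS['path']['physical'] is expected to be set by a local config file, but with
// register_globals enabled it may already hold request-supplied data at this point.
// include($SETS['path']['physical'] . '/inc/common.php');

// --- Hardened form ---
// 1. Refuse to run when register_globals is on; no later check can undo the variable
//    injection that has already happened by the time this line executes.
if (ini_get('register_globals')) {
    exit('register_globals must be disabled');
}

// 2. Build $SETS from a constant the application defines itself, never from anything the
//    request can populate. APP_BASE is assumed here to be this script's own directory.
define('APP_BASE', dirname(__FILE__));
$SETS = array(
    'path' => array(
        'physical' => APP_BASE,
        'IT'       => APP_BASE,   // constructed value; the advisory only names the key
    ),
);

// 3. Resolve the final path and verify it stays inside $base before including it.
//    realpath() collapses ".." and symlinks so the prefix test is meaningful.
function safe_include($base, $relative)
{
    $root   = realpath($base);
    $target = realpath($base . '/' . $relative);
    if ($root === false || $target === false) {
        return false;                       // base or target does not exist
    }
    if (strpos($target, $root . DIRECTORY_SEPARATOR) !== 0) {
        return false;                       // resolved outside the base directory
    }
    include $target;
    return true;
}

safe_include($SETS['path']['physical'], 'inc/common.php');
```

The three steps address the advisory's two conditions separately: step 1 removes the register_globals precondition, and steps 2 and 3 remove the unverified use of the path, so the include is safe even on a host where an administrator later re-enables register_globals.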
Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-05-15 11:35:00 UTC
AFAIR we handle issues that require register_globals to be turned on.
Comment 2 Matt Drew (RETIRED) gentoo-dev 2007-05-15 14:32:24 UTC
This isn't in Nagios, it's in a web-based config tool for Nagios which isn't in portage, NagiosQL.  Not our problem.
Comment 3 Lars Hartmann 2007-05-15 14:39:18 UTC
Oh ok, my fault.
Thanks for the information.
-closed-