Nagios Looking Glass local File Inclusion Vulnerability

Nagios Looking Glass local File Inclusion Vulnerability

Release date:
Updated on:

Affected Systems:
Nagios Looking Glass <= 1.1.0 beta 2
Description:
--------------------------------------------------------------------------------
Bugtraq id: 63381

Nagios Looking Glass is a Web interface of Nagios. It can display the server status in real time.

Nagios Looking Glass 1.1.0 beta 2 and earlier versions have the local file inclusion vulnerability. Attackers can exploit this vulnerability to obtain sensitive information and execute local scripts in server processes.

<* Source: Vyacheslav Egoshin
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Nagios
------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:

Http://exchange.nagios.org/directory/Addons/Frontends-(GUIs-and-CLIs)/Web-Interfaces/Nagios-Looking-

Recommended reading:

Cacti construction document under CentOS 6

Detailed description of Cacti monitoring deployment under RHEL5.9

How to install Cacti in CentOS 6.3

Quick installation and configuration of Cacti in CentOS Linux

Nagios details: click here
Nagios: click here