Ubuntu Security Notice USN-698-1 December 22, 2008========================================================== nagios vulnerability CVE-2008-5027 ========================================================== A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
After a standard system upgrade you need to restart Nagios to effect the necessary changes.
Details follow:
It was discovered that Nagios did not properly parse commands submitted usi= ng the web interface. An authenticated user could use a custom form or a brows= er addon to bypass security restrictions and submit unauthorized commands.