Oval Definition:	oval:com.ubuntu.precise:def:20112179000
Revision Date: 2011-06-14 Version: 1 Title: CVE-2011-2179 on Ubuntu 12.04 LTS (precise) - medium. Description: Multiple cross-site scripting (XSS) vulnerabilities in config.c in config.cgi in (1) Nagios 3.2.3 and (2) Icinga before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the expand parameter, as demonstrated by an (a) command action or a (b) hosts action. Family: unix Class: vulnerability Status: Reference(s): CVE-2011-2179 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND Package Information The vulnerability of the 'icinga' package in precise is not known (status: 'needs-triage'). It is pending evaluation. OR NOT While related to the CVE in some way, the 'nagios3' package in precise is not affected (note: '3.2.3-3').
BACK