Contact us

Solutions

Featured solutions AI Campus and branch Data center WAN Security Service provider Cloud operator Industries

Services

Services

Take me to HPE.com

HTTP: Nagios Network Analyzer Report Generator Command Injection

This signature detects attempts to exploit a known vulnerability in the function responsible for report generation of Nagios Network Analyzer. Successful exploitation allows the attacker to execute arbitrary commands under the security context of the server.

References

URL: https://assets.nagios.com/downloads/nagios-network-analyzer/changes.txt http://www.security-assessment.com/files/documents/advisory/nagiosnetworkanalyzeradvisory.pdf

Short Name

HTTP:CGI:NAGIOS-NARG-CI

Severity

Major

Recommended

True

Recommended Action

Drop

Category

HTTP

Keywords

Analyzer Command Generator Injection Nagios Network Report

Release Date

11/15/2016

Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version

3669

False Positive

Unknown