----------------------------------------------------------------------

Did you know that a change in our assessment rating, exploit code
availability, or if an updated patch is released by the vendor, is
not part of this mailing-list?

Click here to learn more:
http://secunia.com/advisories/business_solutions/

----------------------------------------------------------------------

TITLE:
Ubuntu update for nagios3

SECUNIA ADVISORY ID:
SA33234

VERIFY ADVISORY:
http://secunia.com/advisories/33234/

CRITICAL:
Less critical

IMPACT:
Security Bypass, Cross Site Scripting

WHERE:
>From remote

OPERATING SYSTEM:
Ubuntu Linux 8.10
http://secunia.com/advisories/product/20299/

DESCRIPTION:
Ubuntu has issued an update for nagios3. This fixes some
vulnerabilities, which can be exploited by malicious users to bypass
certain security restrictions or by malicious people to conduct
cross-site request forgery attacks.

For more information:
SA32543

SOLUTION:
Apply updated packages.

-- Ubuntu 8.10 --

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/n/nagios3/nagios3_3.0.2-1ubuntu1.1.diff.gz
Size/MD5: 38086 84020bf2660e52ef176a2274971e4c1b
http://security.ubuntu.com/ubuntu/pool/main/n/nagios3/nagios3_3.0.2-1ubuntu1.1.dsc
Size/MD5: 1644 868828fdabd748689e35083aa052a483
http://security.ubuntu.com/ubuntu/pool/main/n/nagios3/nagios3_3.0.2.orig.tar.gz
Size/MD5: 2759331 008d71aac08660bc007f7130ea82ab80

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/n/nagios3/nagios3-common_3.0.2-1ubuntu1.1_all.deb
Size/MD5: 72216 1cccb3e8640dbd2612caf7841ae1756b
http://security.ubuntu.com/ubuntu/pool/main/n/nagios3/nagios3-doc_3.0.2-1ubuntu1.1_all.deb
Size/MD5: 2063224 9769666c13c1d886228f66ff40dc729a

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/n/nagios3/nagios3-dbg_3.0.2-1ubuntu1.1_amd64.deb
Size/MD5: 2660164 381e889f994b102f6e65acc67f032f7a
http://security.ubuntu.com/ubuntu/pool/main/n/nagios3/nagios3_3.0.2-1ubuntu1.1_amd64.deb
Size/MD5: 1538712 8ce98eee89e13bc544180c73c9d24ba0

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/n/nagios3/nagios3-dbg_3.0.2-1ubuntu1.1_i386.deb
Size/MD5: 2429130 87889b6dc28b86c4aae3d0acdd9950e9
http://security.ubuntu.com/ubuntu/pool/main/n/nagios3/nagios3_3.0.2-1ubuntu1.1_i386.deb
Size/MD5: 1387398 ec353697aced7539893ef9409d850120

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/n/nagios3/nagios3-dbg_3.0.2-1ubuntu1.1_lpia.deb
Size/MD5: 2479724 433504296b1650a7d393ab28d9b264b7
http://ports.ubuntu.com/pool/main/n/nagios3/nagios3_3.0.2-1ubuntu1.1_lpia.deb
Size/MD5: 1376480 be232a1c16b5daff63b586f2cd66b9eb

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/n/nagios3/nagios3-dbg_3.0.2-1ubuntu1.1_powerpc.deb
Size/MD5: 2630802 167b533ea10d8962df5bc5904133c067
http://ports.ubuntu.com/pool/main/n/nagios3/nagios3_3.0.2-1ubuntu1.1_powerpc.deb
Size/MD5: 1525154 0679044c20e6a53c9311f2670834035b

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/n/nagios3/nagios3-dbg_3.0.2-1ubuntu1.1_sparc.deb
Size/MD5: 2327204 f40329c8a8216799a365d185bcc2a646
http://ports.ubuntu.com/pool/main/n/nagios3/nagios3_3.0.2-1ubuntu1.1_sparc.deb
Size/MD5: 1379752 04408878bff9de5f485c7da2c6ffde4d

ORIGINAL ADVISORY:
http://www.ubuntu.com/usn/USN-698-2

OTHER REFERENCES:
SA32543:
http://secunia.com/advisories/32543/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------