On 7 Oct 2010, at 07:13, aero wrote:
My company's security team found a security flaws in opsview. even
for 3.9.0
Someone can execute shell command via URL( ex. http://opsviewurl/cgi-nmis/admin.pl?admin=ping&node=10.10.10.10
| ls -l )
Hi Kang,
Thanks for the report. The patch is here:
Hi
We've raised this as an issue for urgent investigation (OPS-1379). Thanks for
flagging it.
> Hello,
>
> My company's security team found a security flaws in opsview. even for 3.9.0
>
> Someone can execute shell command via URL( ex.
> http://opsviewurl/cgi-nmis/admin.pl?admin=ping&node=10
Hello
In Opsview 3.9.0,
I filled Wiki Comment on Hostgroup and Host,
but bulb image on popup menu is still indicating off.
___
Opsview-users mailing list
Opsview-users@lists.opsview.org
http://lists.opsview.org/lists/listinfo/opsview-users
