About the Secunia Advisory SA51537 security alert


We wish to draw your attention to one of the latest security alerts affecting Nagios, which could also affect your Centreon monitoring.
Here is what the Merethis technical teams recommend.

Note that this warning applies only to the Nagios CGIs, which make up its web interface, and that it allows remote code execution. Exploiting the vulnerability requires the attacker to have an account on the CGIs. If the attacker has no account, or if the CGIs are not installed, the intrusion is impossible.
If the CGIs are installed, we recommend checking that the following user accounts are not enabled by default:

  • nagiosadmin/nagiosadmin
  • admin/nagios
  • admin/centreon
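
One way to run this check against an htpasswd-format file, as an added example that is not Merethis or Nagios code. It assumes the CGI accounts are stored as `htpasswd -s` (`{SHA}`) hashes; salted schemes are only flagged by username, and the function names and sample file are constructed for illustration.

```python
import base64
import hashlib

# Default username/password pairs listed in the advisory above.
DEFAULT_PAIRS = [("nagiosadmin", "nagiosadmin"), ("admin", "nagios"), ("admin", "centreon")]


def sha_entry(password):
    """Hash as written by `htpasswd -s`: '{SHA}' + base64(SHA-1 digest)."""
    digest = hashlib.sha1(password.encode()).digest()
    return "{SHA}" + base64.b64encode(digest).decode()


def audit_htpasswd(text):
    """Return (user, verdict) findings for default accounts in htpasswd-format text."""
    findings = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        user, stored = line.split(":", 1)
        candidates = [pw for u, pw in DEFAULT_PAIRS if u == user]
        if not candidates:
            continue  # not one of the default account names
        if stored.startswith("{SHA}"):
            hit = any(sha_entry(pw) == stored for pw in candidates)
            verdict = "DEFAULT PASSWORD" if hit else "default name, password changed"
        else:
            # apr1/crypt/bcrypt are salted; this example does not recompute them.
            verdict = "default name, verify password manually"
        findings.append((user, verdict))
    return findings


# Constructed sample file: one default pair, one changed password, one other user.
SAMPLE = "\n".join([
    "nagiosadmin:" + sha_entry("nagiosadmin"),
    "admin:" + sha_entry("a-long-unique-passphrase"),
    "operator:" + sha_entry("nagios"),
])

if __name__ == "__main__":
    for user, verdict in audit_htpasswd(SAMPLE):
        print(f"{user}: {verdict}")
```

Any entry reported as `DEFAULT PASSWORD` should be removed or given a new password before the CGIs are left reachable.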

To secure your installation, you can:

  • upgrade to Nagios 3.4.4 (not recommended)
  • disable CGIs (recommended)
  • prohibit any unidentified person from accessing the CGIs (recommended)

Find more details on this security alert

Important note: Centreon Engine is NOT affected by this security warning :-)

2 thoughts on “About the Secunia Advisory SA51537 security alert”

  1. Is Nagios version 3.4.4 not recommended just because you haven’t had time to test it yet fully or is there something wrong with it? Is 3.2.3 STILL the version Centreon recommends?

    • Nagios: be careful about the latest versions

      A new version of Nagios is now available: version 3.4.1.
      This version includes a critical bug about memory and downtime management.
      Nagios doesn’t manage its memory efficiently and the process stops. Also, please note that downtimes don’t work.
      Finally, be careful with the previous version (3.3.1); this version has a problem with performance data operation, graphs don’t work.
