MGASA-2013-0262

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2013-0262.html

Import Source

https://advisories.mageia.org/MGASA-2013-0262.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2013-0262

Related

CVE-2013-4114

Published

2013-08-30T17:19:33Z

Modified

2015-07-09T07:56:53Z

Summary

Updated nagstamon package fixes security vulnerability

Details

A user details information exposure flaw was found in the way Nagstamon performed automated requests to get information about available updates. Remote attackers could use this flaw to obtain user credentials for servers monitored by the desktop status monitor due to their improper (base64 encoding-based) encoding in the HTTP request, when the HTTP Basic authentication scheme was used (CVE-2013-4114).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:3 / nagstamon

Package

Name: nagstamon
Purl: pkg:rpm/mageia/nagstamon?distro=mageia-3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.9.9-1.2.mga3

Ecosystem specific

{
    "section": "core"
}