Published: 10 November 2008
The Nagios process in (1) Nagios before 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote authenticated users to bypass authorization checks, and trigger execution of arbitrary programs by this process, via an (a) custom form or a (b) browser addon.
Nagios 1.x doesn't have the CHANGE commands, so authenticated users wouldn't be able to trigger arbitrary programs. They could bypass authorization checks by submitting commands with linefeeds though. Also see CVE-2008-6373