CVE-2016-6209

Published: 31 March 2017

Cross-site scripting (XSS) vulnerability in Nagios.

Notes

Author	Note
mdeslaur	upstream fix disables functionnality

6.1

Package	Release	Status
nagios3 Launchpad, Ubuntu, Debian	impish	Does not exist
	artful	Ignored (end of life)
	bionic	Needed
	cosmic	Does not exist
	disco	Does not exist
	groovy	Does not exist
	jammy	Does not exist
	hirsute	Does not exist
	xenial	Needed
	kinetic	Does not exist
	precise	Ignored (end of life)
	lunar	Does not exist
	eoan	Does not exist
	focal	Does not exist
	trusty	Does not exist (trusty was deferred [2018-04-20])
	upstream	Needed
	wily	Ignored (end of life)
	yakkety	Ignored (end of life)
	zesty	Ignored (end of life)
	Patches: upstream: https://github.com/NagiosEnterprises/nagioscore/commit/78b7bdde3ab4dec265879ff1b4d49a398bf3ba9c
icinga Launchpad, Ubuntu, Debian	impish	Does not exist
	upstream	Not vulnerable (corewindow not supported)
	trusty	Does not exist (trusty was not-affected [corewindow not supported])
	wily	Not vulnerable (corewindow not supported)
	xenial	Not vulnerable (corewindow not supported)
	yakkety	Not vulnerable (corewindow not supported)
	zesty	Not vulnerable (corewindow not supported)
	artful	Not vulnerable (corewindow not supported)
	bionic	Not vulnerable (corewindow not supported)
	cosmic	Not vulnerable (corewindow not supported)
	disco	Not vulnerable (corewindow not supported)
	eoan	Not vulnerable (corewindow not supported)
	focal	Does not exist
	groovy	Does not exist
	jammy	Does not exist
	hirsute	Does not exist
	kinetic	Does not exist
	precise	Not vulnerable (corewindow not supported)
	lunar	Does not exist

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.