Mandrake Security Advisory MDVSA-2009:187 (nagios)

The remote host is missing an update to nagios announced via advisory MDVSA-2009:187.
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
A vulnerability has been found and corrected in nagios: statuswml.cgi in Nagios before 3.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) ping or (2) Traceroute parameters (CVE-2009-2288). This update provides nagios 3.1.2, which is not vulnerable to this issue. Affected: Corporate 4.0, Enterprise Server 5.0