It was discovered that Nagios did not properly parse certain commands
submitted using the WAP web interface. An authenticated user could exploit
this flaw and execute arbitrary programs on the server.
I use Nagios Core 3.5.1. In order to skip the HTTP authentication (guest user without password could also be tedious), I turn off the Nagios authentication based on this article. (even though turning off authentication is not recommended in any situation)
The great thing right now is every one could go to my Nagios address to view, but not able to change anything.
I had just installed NAGIOS 2.x using my yum i know i am using old version of it,but later i will upgrade it.
i am facing problem regarding web interface of nagios means when ever i click on any option in the web interface i got this permission issues message which irritating me alot because i allowed everything in my nagios.conf file but sill i am getting this message