Mandriva Linux Security Advisory 2009-187 – statuswml.cgi in Nagios before 3.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) ping or (2) Traceroute parameters. This update provides nagios 3.1.2, which is not vulnerable to this issue.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/79954/MDVSA-2009-187.txt
Source: https://packetstormsecurity.com/files/79954/Mandriva-Linux-Security-Advisory-2009-187.html