Mandriva Linux Security Advisory - A number of vulnerabilities were found in Nagios and Nagios Plugins that are corrected with the latest version of both, as provided in this update. These vulnerabilities are buffer overflows and cross site scripting flaws.
2f4d9c1c499d12bd735b9a54fb90639a6cd4fbc44aa5941702b3ee06c2c99113
Debian Security Advisory 1495-2 - A problem with the build system of the nagios-plugins package from old stable (Sarge) lead to check_procs not being included for the i386 architecture. This update fixes this regression. Several local/remote vulnerabilities had been discovered in two of the plugins for the Nagios network monitoring and management system.
f9f1ad771d269baff1cb5f1d569d1fe5a4f6408fb340f112ed84ff1ebb800d07
Debian Security Advisory 1495-1 - Several local/remote vulnerabilities have been discovered in two of the plugins for the Nagios network monitoring and management system. A buffer overflow has been discovered in the parser for HTTP Location headers (present in the check_http module). A buffer overflow has been discovered in the check_snmp module.
b718f3d850c7ae2b639d85c965fdb86e849f7b2350eb8bf95e90b635271d3450
Gentoo Linux Security Advisory GLSA 200711-11 - fabiodds reported a boundary checking error in the check_snmp plugin when processing SNMP GET replies that could lead to a stack-based buffer overflow. Nobuhiro Ban reported a boundary checking error in the redir() function of the check_http plugin when processing HTTP Location: header information which might lead to a buffer overflow. Versions less than 1.4.10-r1 are affected.
fa85ce9af9a76f2a21e21469d1b003de6f96e6770b9a6f89157354edbf19b523
Ubuntu Security Notice 532-1 - Nobuhiro Ban discovered that check_http in nagios-plugins did not properly sanitize its input when following redirection requests. A malicious remote web server could cause a denial of service or possibly execute arbitrary code as the user. Aravind Gottipati discovered that sslutils.c in nagios-plugins did not properly reset pointers to NULL. A malicious remote web server could cause a denial of service. Aravind Gottipati discovered that check_http in nagios-plugins did not properly calculate how much memory to reallocate when following redirection requests. A malicious remote web server could cause a denial of service.
677e5058f12e473d485da0af4be16886fabcf37a7ba5d0487a4a71af1f170bd9