Gentoo Linux Security Advisory 201412-23 - Multiple vulnerabilities have been found in Nagios, the worst of which may allow remote code execution. Versions less than 3.5.1 are affected.
a782c7e79db993504cb1a30fa333d074610dec108ee4a2d4bfd82116d9c93da3Debian Linux Security Advisory 2653-1 - It was discovered that Icinga, a host and network monitoring system, contains several buffer overflows in the history.cgi CGI program.
188c6990c5d7d4e8af29ece4784c5270cb5b7f19552d94beb18872c90df1f07bMandriva Linux Security Advisory 2013-028 - Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core before 3.4.4, and Icinga 1.6.x before 1.6.2, 1.7.x before 1.7.4, and 1.8.x before 1.8.4, might allow remote attackers to execute arbitrary code via a long host_name variable svc_description variable. The updated packages have been patched to correct this issue.
92159bed908d90201ccd67aa806df2fd0aee85b7350ebb73a865dc48241f7458Debian Linux Security Advisory 2616-1 - A buffer overflow problem has been found in nagios3, a host/service/network monitoring and management system. A malicious client could craft a request to history.cgi and cause application crashes.
94fe7d4f8116cd232b2b5f6120e46ee430dead6ac2bfe48cb05d7e18f091d876This Metasploit module abuses a command injection vulnerability in the Nagios3 history.cgi script.
2d998e6af394b654b4e6c4d7e3889f719c9559d52bd93cdc30862fc829af9295Nagios version 3.x suffers from a remote command execution vulnerability in history.cgi.
e9958b0f049ad1bc4400634ee8177ed434f1a56da56c38cae3879f16f2a207c8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed