Ubuntu
nagios3 package

Buffer overflow vulnerability in history.cgi

Bug #1106109 reported by Juan Gonzalez on 2013-01-26

256

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	nagios3 (Ubuntu)	Confirmed	Medium	Unassigned

Bug Description

I did not confirm this bug myself, I just wanted to relay the information. There is a buffer overflow bug that allows code execution in the CGI code in all nagios versions before the current (3.4.4).

Nagios' changelog indicating the bug has been fixed in the latest version:
http://www.nagios.org/projects/nagioscore/history/core-3x

NVD Info:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6096

See original description

CVE References

2012-6096

Juan Gonzalez (jj-gonzalez) on 2013-01-26

description:

updated

Juan Gonzalez (jj-gonzalez) on 2013-01-26

information type:

Private Security → Public Security

Yolanda Robla (yolanda.robla) on 2013-01-29

Changed in nagios3 (Ubuntu):
status:	New → Confirmed
importance:	Undecided → Medium

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntunagios3 package