Nagios Remote Content-Length Integer Overflow Vulnerability

Nagios Remote Content-Length Integer Overflow Vulnerability

Nagios is prone to a remote integer-overflow vulnerability. The application fails to properly ensure that user-supplied input doesn't overflow integer values. This may result in user-supplied data being copied past the end of a memory buffer.

This issue allows remote attackers to execute arbitrary machine code in the context of hosting webservers.

Nagios versions prior to 2.3.1 are vulnerable to this issue.

This issue is very similar to BID 17879 (Nagios Remote Negative Content-Length Buffer Overflow Vulnerability), but is a separate issue.