Nagios Core 'get_history()' Function Stack Based Buffer Overflow Vulnerability

Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.

The following example URI and exploit codes are available:

http://www.example.com/nagios/cgi-bin/history.cgi?host=aaaaaaa... (4000 'a's)


 

Privacy Statement
Copyright 2010, SecurityFocus