Nagios Remote Negative Content-Length Buffer Overflow Vulnerability

Nagios is susceptible to a remote buffer-overflow vulnerability. This issue is due to the application's failure to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

This issue allows remote attackers to execute arbitrary machine code in the context of hosting webservers.

Nagios versions prior to 2.3 in the 2.x series, and versions prior to 1.4 in the 1.x series are vulnerable to this issue.


 

Privacy Statement
Copyright 2010, SecurityFocus