FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

nagios -- denial of service vulnerability

Affected packages
nagios < 3.5.1_3

Details

VuXML ID ba04a373-7d20-11e3-8992-00132034b086
Discovery 2013-12-20
Entry 2014-01-14

Eric Stanley reports:

Most CGIs previously incremented the input variable counter twice when it encountered a long key value. This could cause the CGI to read past the end of the list of CGI variables.

[source]

References

CVE Name CVE-2013-7108
CVE Name CVE-2013-7205
URL http://sourceforge.net/p/nagios/nagioscore/ci/d97e03f32741a7d851826b03ed73ff4c9612a866/
URL https://bugzilla.redhat.com/show_bug.cgi?id=1046113

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.