LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Kernel prepatch 3.9-rc6

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

nagios: code execution

Package(s):nagios CVE #(s):CVE-2012-6096
Created:January 23, 2013 Updated:March 27, 2013
Description: From the CVE entry:

Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core before 3.4.4, and Icinga 1.6.x before 1.6.2, 1.7.x before 1.7.4, and 1.8.x before 1.8.4, might allow remote attackers to execute arbitrary code via a long (1) host_name variable (host parameter) or (2) svc_description variable.

Alerts:
Fedora FEDORA-2013-0732 2013-01-23
Fedora FEDORA-2013-0753 2013-01-23
Fedora FEDORA-2013-0752 2013-01-23
openSUSE openSUSE-SU-2013:0140-1 2013-01-23
openSUSE openSUSE-SU-2013:0169-1 2013-01-23
openSUSE openSUSE-SU-2013:0188-1 2013-01-23
openSUSE openSUSE-SU-2013:0206-1 2013-01-29
Debian DSA-2616-1 2013-02-03
Mageia MGASA-2013-0039 2013-02-08
Mandriva MDVSA-2013:028 2013-03-18
Debian DSA-2653-1 2013-03-26
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds