Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2162

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-2162
Last Modified 07 Mar 2011 09:35:28
Published 03 May 2006 05:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2162

Summary

Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before 2.3 allows remote attackers to execute arbitrary code via a negative content length (Content-Length) HTTP header.

Vulnerable Systems

Application

  • Nagios 1.3

  • Nagios 2.2


References

CONFIRM - https://sourceforge.net/mailarchive/forum.php?thread_id=10297806&forum_id=7890

VUPEN - ADV-2006-1662

CONFIRM - http://www.nagios.org/development/changelog.php

XF - nagios-multiple-scripts-bo(26253)

UBUNTU - USN-282-1

BID - 17879

SUSE - SUSE-SR:2006:011

GENTOO - GLSA-200605-07

DEBIAN - DSA-1072

SECUNIA - 20247

SECUNIA - 20215

SECUNIA - 20013

SECUNIA - 19998

SECUNIA - 19991


Last Updated: 27 May 2016 10:42:22