CVE-2012-6096: Buffer Overflow
First published: Wed Jan 09 2013(Updated: )
It was reported [1] that Nagios Core's history.cgi is vulnerable to a buffer overflow because it used sprintf on user-supplied data that was not restricted in size. Due to various protections of the operating system (history.cgi is compiled with SSP, FORTIFY_SOURCE is enabled, etc.) this is not believed to be exploitable and would result in a denial of service to the user sending the input to history.cgi. This has been fixed in svn (r2547)[2]. [1] <a href="http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html">http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html</a> [2] <a href="http://nagios.svn.sourceforge.net/viewvc/nagios?view=revision&revision=2547">http://nagios.svn.sourceforge.net/viewvc/nagios?view=revision&revision=2547</a>
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nagios Nagios | <=3.4.3 | |
| Nagios Nagios | =3.0 | |
| Nagios Nagios | =3.0-alpha1 | |
| Nagios Nagios | =3.0-alpha2 | |
| Nagios Nagios | =3.0-alpha3 | |
| Nagios Nagios | =3.0-alpha4 | |
| Nagios Nagios | =3.0-alpha5 | |
| Nagios Nagios | =3.0-beta1 | |
| Nagios Nagios | =3.0-beta2 | |
| Nagios Nagios | =3.0-beta3 | |
| Nagios Nagios | =3.0-beta4 | |
| Nagios Nagios | =3.0-beta5 | |
| Nagios Nagios | =3.0-beta6 | |
| Nagios Nagios | =3.0-beta7 | |
| Nagios Nagios | =3.0-rc1 | |
| Nagios Nagios | =3.0-rc2 | |
| Nagios Nagios | =3.0-rc3 | |
| Nagios Nagios | =3.0.1 | |
| Nagios Nagios | =3.0.2 | |
| Nagios Nagios | =3.0.3 | |
| Nagios Nagios | =3.0.4 | |
| Nagios Nagios | =3.0.5 | |
| Nagios Nagios | =3.0.6 | |
| Nagios Nagios | =3.1.0 | |
| Nagios Nagios | =3.1.1 | |
| Nagios Nagios | =3.1.2 | |
| Nagios Nagios | =3.2.0 | |
| Nagios Nagios | =3.2.1 | |
| Nagios Nagios | =3.2.2 | |
| Nagios Nagios | =3.2.3 | |
| Nagios Nagios | =3.3.1 | |
| Nagios Nagios | =3.4.0 | |
| Nagios Nagios | =3.4.1 | |
| Nagios Nagios | =3.4.2 | |
| Icinga Icinga | =1.6.0 | |
| Icinga Icinga | =1.6.1 | |
| Icinga Icinga | =1.7.0 | |
| Icinga Icinga | =1.7.1 | |
| Icinga Icinga | =1.7.2 | |
| Icinga Icinga | =1.7.3 | |
| Icinga Icinga | =1.8.0 | |
| Icinga Icinga | =1.8.1 | |
| Icinga Icinga | =1.8.2 | |
| Icinga Icinga | =1.8.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html
- http://nagios.svn.sourceforge.net/viewvc/nagios?view=revision&revision=2547
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=893270
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=893271
- http://www.nagios.org/news/77-news-announcements/346-nagios-core-344-released
- http://www.nagios.org/projects/nagioscore/history/core-3x
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=408
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=401
- http://archives.neohapsis.com/archives/fulldisclosure/2012-1/0108.html
- https://bugzilla.redhat.com/show_bug.cgi?id=893269
- http://lists.grok.org.uk/pipermail/full-disclosure/2012-December/089125.html
- http://lists.opensuse.org/opensuse-updates/2013-01/msg00033.html
- http://lists.opensuse.org/opensuse-updates/2013-01/msg00060.html
- http://lists.opensuse.org/opensuse-updates/2013-01/msg00077.html
- http://lists.opensuse.org/opensuse-updates/2013-01/msg00088.html
- http://secunia.com/advisories/51863
- http://www.debian.org/security/2013/dsa-2616
- http://www.debian.org/security/2013/dsa-2653
- http://www.exploit-db.com/exploits/24084
- http://www.exploit-db.com/exploits/24159
- http://www.osvdb.org/89170
- http://www.securityfocus.com/bid/56879
- https://dev.icinga.org/issues/3532
- https://www.icinga.org/2013/01/14/icinga-1-6-2-1-7-4-1-8-4-released/
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/event
- agent/description
- agent/first-publish-date
- agent/tags
- agent/last-modified-date
- agent/softwarecombine
- agent/weakness
- collector/mitre-cve
- source/MITRE
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2012-6096
- vendor/nagios
- canonical/nagios nagios
- version/nagios nagios/3.4.3
- version/nagios nagios/3.0
- version/nagios nagios/3.0-alpha1
- version/nagios nagios/3.0-alpha2
- version/nagios nagios/3.0-alpha3
- version/nagios nagios/3.0-alpha4
- version/nagios nagios/3.0-alpha5
- version/nagios nagios/3.0-beta1
- version/nagios nagios/3.0-beta2
- version/nagios nagios/3.0-beta3
- version/nagios nagios/3.0-beta4
- version/nagios nagios/3.0-beta5
- version/nagios nagios/3.0-beta6
- version/nagios nagios/3.0-beta7
- version/nagios nagios/3.0-rc1
- version/nagios nagios/3.0-rc2
- version/nagios nagios/3.0-rc3
- version/nagios nagios/3.0.1
- version/nagios nagios/3.0.2
- version/nagios nagios/3.0.3
- version/nagios nagios/3.0.4
- version/nagios nagios/3.0.5
- version/nagios nagios/3.0.6
- version/nagios nagios/3.1.0
- version/nagios nagios/3.1.1
- version/nagios nagios/3.1.2
- version/nagios nagios/3.2.0
- version/nagios nagios/3.2.1
- version/nagios nagios/3.2.2
- version/nagios nagios/3.2.3
- version/nagios nagios/3.3.1
- version/nagios nagios/3.4.0
- version/nagios nagios/3.4.1
- version/nagios nagios/3.4.2
- vendor/icinga
- canonical/icinga icinga
- version/icinga icinga/1.6.0
- version/icinga icinga/1.6.1
- version/icinga icinga/1.7.0
- version/icinga icinga/1.7.1
- version/icinga icinga/1.7.2
- version/icinga icinga/1.7.3
- version/icinga icinga/1.8.0
- version/icinga icinga/1.8.1
- version/icinga icinga/1.8.2
- version/icinga icinga/1.8.3