Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
alpinelinuxAlpine Linux Development TeamALPINE:CVE-2013-7108
HistoryJan 15, 2014 - 4:08 p.m.

CVE-2013-7108

2014-01-1516:08:00
Alpine Linux Development Team
security.alpinelinux.org
10

5.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:N/A:P

JSON

Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, and Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long string in the last key value in the variable list to the process_cgivars function in (1) avail.c, (2) cmd.c, (3) config.c, (4) extinfo.c, (5) histogram.c, (6) notifications.c, (7) outages.c, (8) status.c, (9) statusmap.c, (10) summary.c, and (11) trends.c in cgi/, which triggers a heap-based buffer over-read.

OSVersionArchitecturePackageVersionFilename
Alpine3.12-mainnoarchnagios= 3.5.1-r6UNKNOWN
Alpine3.11-mainnoarchnagios= 3.5.1-r6UNKNOWN

Related

nessus 13
securityvulns 7
openvas 9
prion 1
cve 1
checkpoint_advisories 1
ubuntucve 2
debiancve 1
mageia 1
debian 3
osv 3
freebsd 1
gentoo 1
ubuntu 2
ibm 2
amazon 1
nessus
nessus
openSUSE Security Update : icinga (openSUSE-SU-2014:0069-1)
2014-06-13 00:00:00
SuSE 11.2 / 11.3 Security Update : nagios (SAT Patch Numbers 8726 / 8727)
2014-01-29 00:00:00
openSUSE Security Update : icinga (openSUSE-SU-2014:0097-1)
2014-06-13 00:00:00
securityvulns
securityvulns
Deutsche Telekom CERT Advisory [DTC-A-20140324-004] nagios vulnerability
2014-05-05 00:00:00
[ MDVSA-2014:004 ] nagios
2014-01-19 00:00:00
Deutsche Telekom CERT Advisory [DTC-A-20140324-003] vulnerabilities in icinga
2014-05-05 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2014:0156-1)
2021-06-09 00:00:00
Debian: Security Advisory (DLA-60-1)
2023-03-08 00:00:00
Mageia: Security Advisory (MGASA-2014-0010)
2022-01-28 00:00:00
prion
prion
Heap overflow
2014-01-15 16:08:00
cve
cve
CVE-2013-7108
2014-01-15 16:08:00
checkpoint_advisories
checkpoint_advisories
Nagios core CGI Process_cgivars Off-By-One (CVE-2013-7108)
2014-03-16 00:00:00
ubuntucve
ubuntucve
CVE-2013-7108
2014-01-15 00:00:00
CVE-2013-7205
2014-01-15 00:00:00
debiancve
debiancve
CVE-2013-7108
2014-01-15 16:08:00
mageia
mageia
Updated nagios package fixes security vulnerability
2014-01-17 04:22:05
debian
debian
[SECURITY] [DLA 60-1] icinga security update
2014-09-24 16:14:21
[SECURITY] [DSA 2956-1] icinga security update
2014-06-11 14:34:20
[SECURITY] [DLA 1615-1] nagios3 security update
2018-12-24 18:11:01
osv
osv
icinga - security update
2014-09-24 00:00:00
nagios3 - security update
2018-12-24 00:00:00
icinga - security update
2014-06-11 00:00:00
freebsd
freebsd
nagios -- denial of service vulnerability
2013-12-20 00:00:00
gentoo
gentoo
Nagios: Multiple vulnerabilities
2014-12-13 00:00:00
ubuntu
ubuntu
Nagios regression
2017-06-07 00:00:00
Nagios vulnerabilities
2017-04-03 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in nagios affect PowerKVM
2018-06-18 01:38:44
Security Bulletin: Vulnerabilities in nagios affect PowerKVM
2018-06-18 01:33:23
amazon
amazon
Important: nagios
2017-10-03 11:00:00

5.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:N/A:P

JSON
Related for ALPINE:CVE-2013-7108
nessus13securityvulns7openvas9prion1cve1checkpoint_advisories1ubuntucve2debiancve1mageia1debian3osv3freebsd1gentoo1ubuntu2ibm2amazon1