7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.968 High
EPSS
Percentile
99.7%
Debian Security Advisory DSA-2653-1 [email protected]
http://www.debian.org/security/ Florian Weimer
March 26, 2013 http://www.debian.org/security/faq
Package : icinga
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-6096
Debian Bug : 697931
It was discovered that Icinga, a host and network monitoring system,
contains several buffer overflows in the history.cgi CGI program.
For the stable distribution (squeeze), this problem has been fixed in
version 1.0.2-2+squeeze1.
For the testing distribution (wheezy), this problem has been fixed in
version 1.7.1-5.
For the unstable distribution (sid), this problem has been fixed in
version 1.7.1-5.
We recommend that you upgrade your icinga packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: [email protected]
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 6 | all | icinga-dbg | < 1.0.2-2+squeeze1 | icinga-dbg_1.0.2-2+squeeze1_all.deb |
Debian | 6 | all | icinga-phpapi | < 1.0.2-2+squeeze1 | icinga-phpapi_1.0.2-2+squeeze1_all.deb |
Debian | 6 | all | icinga-cgi | < 1.0.2-2+squeeze1 | icinga-cgi_1.0.2-2+squeeze1_all.deb |
Debian | 6 | all | icinga-common | < 1.0.2-2+squeeze1 | icinga-common_1.0.2-2+squeeze1_all.deb |
Debian | 6 | all | icinga-doc | < 1.0.2-2+squeeze1 | icinga-doc_1.0.2-2+squeeze1_all.deb |
Debian | 6 | all | icinga-core | < 1.0.2-2+squeeze1 | icinga-core_1.0.2-2+squeeze1_all.deb |
Debian | 6 | all | icinga-idoutils | < 1.0.2-2+squeeze1 | icinga-idoutils_1.0.2-2+squeeze1_all.deb |
Debian | 6 | all | icinga | < 1.0.2-2+squeeze1 | icinga_1.0.2-2+squeeze1_all.deb |