Icinga cgi/config.c process_cgivars Function Off-by-one Read Remote DoS

2013-12-16T00:00:00
ID EDB-ID:38882
Type exploitdb
Reporter DTAG Group Information Security
Modified 2013-12-16T00:00:00

Description

Icinga cgi/config.c process_cgivars Function Off-by-one Read Remote DoS. CVE-2013-7108. Webapps exploit for cgi platform

                                        
                                            source: http://www.securityfocus.com/bid/64363/info

Icinga is prone to multiple memory-corruption vulnerabilities due to an off-by-one condition.

Attackers may exploit these issues to gain access to sensitive information or crash the affected application, denying service to legitimate users. 

http://www.example.com/cgi-bin/config.cgi?b=aaaa[..2000 times]