SUSE CVE-2007-5198

Buffer overflow in the redir function in checkhttp.c in Nagios Plugins before 1.4.10, when running with the -f follow option, allows remote web servers to execute arbitrary code via Location header responses redirects with a large number of leading "L" characters...

NRPE metacharacter filtering omission (important)

NRPE the Nagios Remote Plug-In Executor allows the passing of $ to plugins/scripts which, if run under bash, will execute that shell command under a subprocess and pass the output as a parameter to the called script. Using this, it is possible to get called scripts, such as checkhttp, to execute...

SuSE9 Security Update : nagios plugins (YOU Patch Number 11953)

fix possible buffer overflow during HTTP Location header parsing in checkhttp CVE-2007-5198 fix possible buffer overflow during snmpget parsing in checksnmp. CVE-2007-5623 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

Debian DSA-1495-1 : nagios-plugins - buffer overflows

Several local/remote vulnerabilities have been discovered in two of the plugins for the Nagios network monitoring and management system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-5198 A buffer overflow has been discovered in the parser for HTT...

Nagios plugins multiple security vulnerabilities

Buffer overflows in checksnmp and checkhttp on server reply parsing...

USN-532-1: nagios-plugins vulnerability

Nobuhiro Ban discovered that checkhttp in nagios-plugins did not properly sanitize its input when following redirection requests. A malicious remote web server could cause a denial of service or possibly execute arbitrary code as the user. CVE-2007-5198 Aravind Gottipati discovered that sslutils....