20 matches found
Debian: Security Advisory (DLA-60-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0186)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-1615-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-1615-1 : nagios3 security update
Several issues were corrected in nagios3, a monitoring and management system for hosts, services and networks. CVE-2018-18245 Maximilian Boehner of usd AG found a cross-site scripting XSS vulnerability in Nagios Core. This vulnerability allows attackers to place malicious JavaScript code into the...
[SECURITY] [DLA 1615-1] nagios3 security update
Package : nagios3 Version : 3.5.1.dfsg-2+deb8u1 CVE ID : CVE-2013-7108 CVE-2013-7205 CVE-2014-1878 CVE-2016-9566 CVE-2018-18245 Debian Bug : 771466 823721 917138 Several issues were corrected in nagios3, a monitoring and management system for hosts, services and networks. CVE-2018-18245 Maximilia...
Ubuntu: Security Advisory (USN-3253-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS / 16.04 LTS : Nagios regression (USN-3253-2)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3253-2 advisory. USN-3253-1 fixed vulnerabilities in Nagios. The update prevented log files from being displayed in the web interface. This update fixes the problem. W...
Ubuntu 14.04 LTS / 16.04 LTS : Nagios vulnerabilities (USN-3253-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3253-1 advisory. It was discovered that Nagios incorrectly handled certain long strings. A remote authenticated attacker could use this issue to cause Nagios ...
Ubuntu: Security Advisory (USN-3253-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 461-1] nagios3 security update
Package : nagios3 Version : 3.4.1-3+deb7u2 CVE ID : CVE-2014-1878 A stack-based buffer overflow in the cmdsubmitf function in cgi/cmd.c in Nagios, a monitoring and management system for hosts, services and networks, allowed remote attackers to cause a denial of service segmentation fault via a lo...
Debian DLA-60-1 : icinga security update
Two fixes for the Classic UI : - fix off-by-one memory access in processcgivars CVE-2013-7108 - prevent possible buffer overflows in cmd.cgi CVE-2014-1878 NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to...
[SECURITY] [DLA 60-1] icinga security update
Package : icinga Version : 1.0.2-2+squeeze2 CVE ID : CVE-2013-7108 CVE-2014-1878 Two fixes for the Classic UI: - fix off-by-one memory access in processcgivars CVE-2013-7108 - prevent possible buffer overflows in cmd.cgi CVE-2014-1878...
DLA-60-1 icinga - security update
Bulletin has no description...
[SECURITY] [DSA 2956-1] icinga security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2956-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 11, 2014 http://www.debian.org/security/faq -...
openSUSE Security Update : nagios (openSUSE-SU-2014:0516-1)
Nagios was updated to fix a stack-based buffer overflow in the cmdsubmitf function in the CGI handler. CVE-2014-1878 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-291. The text...
[SECURITY] [DSA 2956-1] icinga security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2956-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 11, 2014 http://www.debian.org/security/faq -...
SuSE 11.3 Security Update : nagios (SAT Patch Number 9071)
The monitoring service Nagios has been updated to fix potential buffer overflows in its CGI scripts. CVE-2014-1878 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyrig...
Updated nagios packages fix CVE-2014-1878
Updated nagios packages fix security vulnerability: Stack-based buffer overflow in the cmdsubmitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and earlier, and Icinga before 1.8.6, 1.9 before 1.9.5, and 1.10 before 1.10.3 allows remote attackers to cause a denial of service segmentatio...
CVE-2014-1878
Stack-based buffer overflow in the cmdsubmitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and earlier, and Icinga before 1.8.6, 1.9 before 1.9.5, and 1.10 before 1.10.3 allows remote attackers to cause a denial of service segmentation fault via a long message to cmd.cgi...
CVE-2014-1878
The CVE-2014-1878 entry concerns a stack-based buffer overflow in the cmd_submitf function of cgi/cmd.c used by Nagios Core (affected up to 4.0.3rc1) and Icinga (before 1.8.6, 1.9 before 1.9.5, 1.10 before 1.10.3). The root cause is improper bounds checking when handling a long message sent to cm...