Nagios history.cgi Remote Command Execution Vulnerability

No description provided by source. !/usr/bin/python CVE-2012-6096 - Nagios history.cgi Remote Command Execution =========================================================== Another year, another reincarnation of classic and trivial bugs to exploit. This time we attack Nagios.. or more specifically...

Nagios3 history.cgi Host Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' class...

Debian DSA-2653-1 : icinga - buffer overflow

It was discovered that Icinga, a host and network monitoring system, contains several buffer overflows in the history.cgi CGI program. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-2653...

DSA-2653-1 icinga - buffer overflow

Bulletin has no description...

Debian: Security Advisory (DSA-2653-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DSA-2616-1 nagios3 - buffer overflow vulnerability

Bulletin has no description...

Nagios 3 history.cgi Command Injection

Added: 01/28/2013 CVE: CVE-2012-6096 BID: 56879 OSVDB: 88322 Background Nagios is a network host and service monitoring and management system. Problem The Nagios history.cgi script is vulnerable to a stack overflow when parsing the host parameter. This may allow an attacker to execute arbitrary...

Nagios 3 history.cgi Command Injection

Added: 01/28/2013 CVE: CVE-2012-6096 BID: 56879 OSVDB: 88322 Background Nagios is a network host and service monitoring and management system. Problem The Nagios history.cgi script is vulnerable to a stack overflow when parsing the host parameter. This may allow an attacker to execute arbitrary...

Stack overflow

Multiple stack-based buffer overflows in the gethistory function in history.cgi in Nagios Core before 3.4.4, and Icinga 1.6.x before 1.6.2, 1.7.x before 1.7.4, and 1.8.x before 1.8.4, might allow remote attackers to execute arbitrary code via a long 1 hostname variable host parameter or 2...

CVE-2012-6096

Multiple stack-based buffer overflows in the gethistory function in history.cgi in Nagios Core before 3.4.4, and Icinga 1.6.x before 1.6.2, 1.7.x before 1.7.4, and 1.8.x before 1.8.4, might allow remote attackers to execute arbitrary code via a long 1 hostname variable host parameter or 2...

CVE-2012-6096

Removed by vendor...

Nagios Core history.cgi Multiple Parameter Buffer Overflow

The remote web server hosts a version of Nagios Core that is affected by a buffer overflow vulnerability. By sending a specially crafted request using the 'hostname' or 'svcdescription' parameter to 'history.cgi', a remote attacker may be able to execute arbitrary code or trigger a denial of...

Nagios3 history.cgi Host Command Execution

This module abuses a command injection vulnerability in the Nagios3 history.cgi script. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nagios3 history.cgi Host Command Execution', 'Description...

Nagios history.cgi Parameter Buffer Overflow

A stack buffer overflow vulnerability exists in Nagios. The vulnerability is due to insufficient validation of the host parameter. An authenticated user can exploit this vulnerability by sending an overly long host value to the affected application...

FreeBSD : nagios -- buffer overflow in history.cgi (97c22a94-5b8b-11e2-b131-000c299b62e1)

full disclosure reports : history.cgi is vulnerable to a buffer overflow due to the use of sprintf with user-supplied data that has not been restricted in size. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the...

nagios -- buffer overflow in history.cgi

full disclosure reports: history.cgi is vulnerable to a buffer overflow due to the use of sprintf with user supplied data that has not been restricted in size...

Nagios Core 3.4.3 Buffer Overflow Vulnerability

Nagios Core version 3.4.3 suffers from a stack-based buffer overflow vulnerability in the history.cgi web interface. history.cgi is vulnerable to a buffer overflow due to the use of sprintf with user supplied data that has not been restricted in size. This vulnerability does not appear to be...