GLSA-200711-11 : Nagios Plugins: Two buffer overflows

The remote host is affected by the vulnerability described in GLSA-200711-11 Nagios Plugins: Two buffer overflows fabiodds reported a boundary checking error in the 'checksnmp' plugin when processing SNMP 'GET' replies that could lead to a stack-based buffer overflow CVE-2007-5623. Nobuhiro Ban...

Nagios Plugins: Two buffer overflows

Background The Nagios Plugins are an official set of plugins for Nagios, an open source host, service and network monitoring program. Description fabiodds reported a boundary checking error in the "checksnmp" plugin when processing SNMP "GET" replies that could lead to a stack-based buffer overfl...

Fedora 8 : nagios-plugins-1.4.8-9.fc8 (2007-2876)

Fri Oct 26 2007 Mike McGrath 1.4.8-9 - Fix for Bug 348731 and CVE-2007-5623 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora 7 : nagios-plugins-1.4.8-9.fc7 (2007-2713)

Fri Oct 26 2007 Mike McGrath 1.4.8-9 - Fix for Bug 348731 and CVE-2007-5623 - Wed Aug 22 2007 Mike McGrath 1.4.8-7 - Rebuild for BuildID - License change - Fri Aug 10 2007 Mike McGrath 1.4.8-6 - Fix for checklinuxraid - 234416 - Fix for checkidedisk - 251635 - Tue Aug 7 2007 Mike McGrath 1.4.8-2...

[SECURITY] Fedora Core 6 Update: flac-1.1.2-28

FLAC stands for Free Lossless Audio Codec. Grossly oversimplified, FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, flac, a command-line program to encode and decode FLAC files, metaflac, a command-line...

[SECURITY] Fedora 7 Update: pidgin-2.2.2-1.fc7

Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just...

[SECURITY] Fedora 7 Update: nagios-plugins-1.4.8-9.fc7

Nagios is a program that will monitor hosts and services on your network, and to email or page you when a problem arises or is resolved. Nagios runs on a Unix server as a background or daemon process, intermittently running checks on various services that you specify. The actual service checks ar...

Nagios Plugins SNMP GET回复远程缓冲区溢出漏洞

Nagios Plugins是一款用于监视网络和服务状况的应用软件。 Nagios Plugins当解析snmpget回复时checksnmp存在缓冲区溢出，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 在从snmpget回复中拷贝perfstr字符数组缺少正确的边界检查，可导致checksnmp函数处理时触发缓冲区溢出，精心构建回复消息可能以应用程序进程权限执行任意指令。 Nagios Plugins 1.4.10 可参考如下链接获得补丁程序：...

CVE-2007-5623

Buffer overflow in the checksnmp function in Nagios Plugins nagios-plugins 1.4.10 allows remote attackers to cause a denial of service crash via crafted snmpget replies...

Buffer overflow

Buffer overflow in the checksnmp function in Nagios Plugins nagios-plugins 1.4.10 allows remote attackers to cause a denial of service crash via crafted snmpget replies...

CVE-2007-5623

Buffer overflow in the checksnmp function in Nagios Plugins nagios-plugins 1.4.10 allows remote attackers to cause a denial of service crash via crafted snmpget replies...

CVE-2007-5623

Buffer overflow in the checksnmp function in Nagios Plugins nagios-plugins 1.4.10 allows remote attackers to cause a denial of service crash via crafted snmpget replies...

CVE-2007-5623

CVE-2007-5623 is connected to Nagios Plugins (nagios-plugins) via a buffer overflow in check_snmp that permits a remote crash through crafted snmpget replies, with CVE-2007-5198 also appearing in related entries for check_http. The OpenVAS/NASL records consistently reference nagios-plugins and id...

USN-532-1: nagios-plugins vulnerability

Nobuhiro Ban discovered that checkhttp in nagios-plugins did not properly sanitize its input when following redirection requests. A malicious remote web server could cause a denial of service or possibly execute arbitrary code as the user. CVE-2007-5198 Aravind Gottipati discovered that sslutils....

DTSA-67-1 nagios-plugins - multiple stack based vulnerabilities

Bulletin has no description...

openSUSE 10 Security Update : libextractor (libextractor-1426)

Fix heap overflow in the asf plugin CVE-2006-2458 176280. Fix heap overflow in the qt plugin CVE-2006-2458 176280. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libextractor-1426. The text...

FreeBSD : nagios-plugins -- Long Location Header Buffer Overflow Vulnerability (7453c85d-7830-11dc-b4c8-0016179b2dd5)

A Secunia Advisory reports : The vulnerability is caused due to a boundary error within the redir function in checkhttp.c when processing HTTP Location : header information. This can be exploited to cause a buffer overflow by returning an overly long string in the 'Location:' header to a vulnerab...

CVE-2007-5198

Buffer overflow in the redir function in checkhttp.c in Nagios Plugins before 1.4.10, when running with the -f follow option, allows remote web servers to execute arbitrary code via Location header responses redirects with a large number of leading "L" characters...

CVE-2007-5198

Buffer overflow in the redir function in checkhttp.c in Nagios Plugins before 1.4.10, when running with the -f follow option, allows remote web servers to execute arbitrary code via Location header responses redirects with a large number of leading "L" characters...

Buffer overflow

Buffer overflow in the redir function in checkhttp.c in Nagios Plugins before 1.4.10, when running with the -f follow option, allows remote web servers to execute arbitrary code via Location header responses redirects with a large number of leading "L" characters...