6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.6 High
AI Score
Confidence
Low
0.02 Low
EPSS
Percentile
89.1%
Nobuhiro Ban discovered that check_http in nagios-plugins did
not properly sanitize its input when following redirection
requests. A malicious remote web server could cause a denial
of service or possibly execute arbitrary code as the user.
(CVE-2007-5198)
Aravind Gottipati discovered that sslutils.c in nagios-plugins
did not properly reset pointers to NULL. A malicious remote web
server could cause a denial of service.
Aravind Gottipati discovered that check_http in nagios-plugins
did not properly calculate how much memory to reallocate when
following redirection requests. A malicious remote web server
could cause a denial of service.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 6.06 | noarch | nagios-plugins | < 1.4.2-5ubuntu3.1 | UNKNOWN |
Ubuntu | 6.06 | noarch | nagios-plugins-basic | < 1.4.2-5ubuntu3.1 | UNKNOWN |
Ubuntu | 6.06 | noarch | nagios-plugins-standard | < 1.4.2-5ubuntu3.1 | UNKNOWN |