Lucene search
Ubuntu.comUB:CVE-2013-7205HistoryJan 15, 2014 - 12:00 a.m.
CVE-2013-7205
2014-01-1500:00:00
ubuntu.com
ubuntu.com
8
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.018 Low
EPSS
Percentile
87.8%
Off-by-one error in the process_cgivars function in contrib/daemonchk.c in
Nagios Core 3.5.1, 4.0.2, and earlier allows remote authenticated users to
obtain sensitive information from process memory or cause a denial of
service (crash) via a long string in the last key value in the variable
list, which triggers a heap-based buffer over-read.
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | nagios fix had an additional source file, so this CVE was split out from CVE-2013-7108. (contrib/daemonchk.c) |
Related
freebsd
freebsd
nagios -- denial of service vulnerability
2013-12-20 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : nagios (MDVSA-2014:004)
2014-01-19 00:00:00
FreeBSD : nagios -- denial of service vulnerability (ba04a373-7d20-11e3-8992-00132034b086)
2014-01-15 00:00:00
GLSA-201412-23 : Nagios: Multiple vulnerabilities
2014-12-15 00:00:00
mageia
mageia
Updated nagios package fixes security vulnerability
2014-01-17 04:22:05
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0010)
2022-01-28 00:00:00
Gentoo Security Advisory GLSA 201412-23
2015-09-29 00:00:00
Ubuntu: Security Advisory (USN-3253-1)
2017-04-04 00:00:00
securityvulns
securityvulns
[ MDVSA-2014:004 ] nagios
2014-01-19 00:00:00
Deutsche Telekom CERT Advisory [DTC-A-20140324-004] nagios vulnerability
2014-05-05 00:00:00
gentoo
gentoo
Nagios: Multiple vulnerabilities
2014-12-13 00:00:00
ubuntu
ubuntu
Nagios regression
2017-06-07 00:00:00
Nagios vulnerabilities
2017-04-03 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in nagios affect PowerKVM
2018-06-18 01:38:44
Security Bulletin: Vulnerabilities in nagios affect PowerKVM
2018-06-18 01:33:23
osv
osv
nagios3 - security update
2018-12-24 00:00:00
icinga - security update
2014-09-24 00:00:00
icinga - security update
2014-06-11 00:00:00
debian
debian
[SECURITY] [DLA 1615-1] nagios3 security update
2018-12-24 18:11:01
[SECURITY] [DLA 60-1] icinga security update
2014-09-24 16:14:21
[SECURITY] [DSA 2956-1] icinga security update
2014-06-11 14:34:20
prion
prion
Heap overflow
2014-01-15 16:08:00
Heap overflow
2014-01-15 16:08:00
cve
cve
CVE-2013-7108
2014-01-15 16:08:00
CVE-2013-7205
2014-01-15 16:08:00
checkpoint_advisories
checkpoint_advisories
Nagios core CGI Process_cgivars Off-By-One (CVE-2013-7108)
2014-03-16 00:00:00
alpinelinux
alpinelinux
CVE-2013-7108
2014-01-15 16:08:00
CVE-2013-7205
2014-01-15 16:08:00
ubuntucve
ubuntucve
CVE-2013-7108
2014-01-15 00:00:00
debiancve
debiancve
CVE-2013-7108
2014-01-15 16:08:00
amazon
amazon
Important: nagios
2017-10-03 11:00:00
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.018 Low
EPSS
Percentile
87.8%
Related for UB:CVE-2013-7205