CVSS: 6.4EPSS: 1%CPEs: 36EXPL: 0CVE-2013-7205
https://notcve.org/view.php?id=CVE-2013-7205
Off-by-one error in the process_cgivars function in contrib/daemonchk.c in Nagios Core 3.5.1, 4.0.2, and earlier allows remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long string in the last key value in the variable list, which triggers a heap-based buffer over-read. Error de superación de límite (off-by-one) en la función process_cgivars en contrib/daemonchk.c en Nagios Core 3.5.1, 4.0.2 y anteriores, permite a usuarios autenticados remotamente obtener información sensible desde procesos de memoria o causar denegación de servicio (caída) a través de cadenas largas en el valor de la última clave en la lista de variables, lo cual lanza una sobre-lectura de buffer basada en memoria dinámica. • http://secunia.com/advisories/55976 http://sourceforge.net/p/nagios/nagioscore/ci/d97e03f32741a7d851826b03ed73ff4c9612a866 http://www.mandriva.com/security/advisories?name=MDVSA-2014:004 http://www.openwall.com/lists/oss-security/2013/12/24/1 http://www.securityfocus.com/bid/64489 https://lists.debian.org/debian-lts-announce/2018/12/msg00014.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 94%CPEs: 71EXPL: 1CVE-2013-7108 – Icinga - cgi/config.c process_cgivars Function Off-by-One Read Remote Denial of Service
https://notcve.org/view.php?id=CVE-2013-7108
Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, and Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long string in the last key value in the variable list to the process_cgivars function in (1) avail.c, (2) cmd.c, (3) config.c, (4) extinfo.c, (5) histogram.c, (6) notifications.c, (7) outages.c, (8) status.c, (9) statusmap.c, (10) summary.c, and (11) trends.c in cgi/, which triggers a heap-based buffer over-read. Múltiples errores de superación de límite (off-by-one) en Nagios Core 3.5.1, 4.0.2 y anteriores, e Icinga anteriores a 1.8.5, 1.9 anteriores a 1.9.4 y 1.10 anteriores a 1.10.2 permite a usuarios autenticados remotamente obtener información sensible de procesos de memoria o causar denegación de servicio (caída) a través de una adena larga en el valor de la última clave en la lista de variables de la función process_cgivars en (1) avail.c, (2) cmd.c, (3) config.c, 84) extinfo.c, (5) histogram.c, (6) notifications.c, (7) outages.c, (8) status.c, (9) statusmap.c, (10) summary.c, y (11) trends.c en cgi/, lo cual lanza una sobre-lectura de buffer basado en memoria dinámica. • https://www.exploit-db.com/exploits/38882 http://lists.opensuse.org/opensuse-updates/2014-01/msg00010.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00028.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00046.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00068.html http://secunia.com/advisories/55976 http://secunia.com/advisories/56316 http://sourceforge.net/p/nagios/nagioscore/ci/d97e03f32741a7d851826b03ed73ff4c9612a866 http://www.mandriva.com/security/advisories& • CWE-20: Improper Input Validation •
CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0CVE-2013-4214 – core: html/rss-newsfeed.php insecure temporary file usage
https://notcve.org/view.php?id=CVE-2013-4214
rss-newsfeed.php in Nagios Core 3.4.4, 3.5.1, and earlier, when MAGPIE_CACHE_ON is set to 1, allows local users to overwrite arbitrary files via a symlink attack on /tmp/magpie_cache. rss-newsfeed.php en Nagios Core 3.4.4, 3.5.1, y anteriores versiones, cuando se establece MAGPIE_CACHE_ON en 1, permite a usuarios locales sobreescribir archivos arbitrarios a través de un ataque symlink en /tmp/magpie_cache. • http://rhn.redhat.com/errata/RHSA-2013-1526.html http://www.securityfocus.com/bid/61747 https://bugzilla.redhat.com/show_bug.cgi?id=958002 https://www.nagios.org/projects/nagios-core/history/4x https://access.redhat.com/security/cve/CVE-2013-4214 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-377: Insecure Temporary File •
CVSS: 7.5EPSS: 96%CPEs: 44EXPL: 5CVE-2012-6096 – Nagios3 - 'history.cgi' Host Command Execution
https://notcve.org/view.php?id=CVE-2012-6096
Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core before 3.4.4, and Icinga 1.6.x before 1.6.2, 1.7.x before 1.7.4, and 1.8.x before 1.8.4, might allow remote attackers to execute arbitrary code via a long (1) host_name variable (host parameter) or (2) svc_description variable. Múltiples desbordamientos de búfer basado en pila en la función get_history en history.cgi en Nagios core anterior a v3.4.4, y Icinga v1.6.x anterior a v1.6.2, v1.7.x anterior a v1.7.4, y v1.8.x anterior a v1.8.4, permite a atacantes remotos ejecutar código de su elección a través de una variable (1) host_name de gran longitud o (2) de la variable svc_description. Nagios version 3.x suffers from a remote command execution vulnerability in history.cgi. • https://www.exploit-db.com/exploits/24159 https://www.exploit-db.com/exploits/24084 http://lists.grok.org.uk/pipermail/full-disclosure/2012-December/089125.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00033.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00060.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00077.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00088.html http://secunia.com/advisories/51863 http://www.debian.org/security • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 4%CPEs: 65EXPL: 0CVE-2008-5027
https://notcve.org/view.php?id=CVE-2008-5027
The Nagios process in (1) Nagios before 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote authenticated users to bypass authorization checks, and trigger execution of arbitrary programs by this process, via an (a) custom form or a (b) browser addon. El proceso Nagios en (1) Nagios anterior a v3.0.5 y (2) op5 Monitor anterior a v4.0.1 ; permite a usuarios autenticados en remoto evitar las comprobaciones de autorización y provocar la ejecución de ficheros de su elección por este proceso a través de (a) un formulario personalizado o (b) un complemento para el navegador. • http://marc.info/?l=bugtraq&m=124156641928637&w=2 http://secunia.com/advisories/33320 http://secunia.com/advisories/35002 http://security.gentoo.org/glsa/glsa-200907-15.xml http://sourceforge.net/mailarchive/forum.php?thread_name=4914396D.5010009%40op5.se&forum_name=nagios-devel http://www.nagios.org/development/history/nagios-3x.php http://www.op5.com/support/news/389-important-security-fix-available-for-op5-monitor http://www.openwall.com/lists/oss-security/2008/11/06/2 http&# • CWE-264: Permissions, Privileges, and Access Controls •