// For flags

CVE-2014-1878

 

Severity Score

5.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and earlier, and Icinga before 1.8.6, 1.9 before 1.9.5, and 1.10 before 1.10.3 allows remote attackers to cause a denial of service (segmentation fault) via a long message to cmd.cgi.

Desbordamiento de buffer basado en pila en la función cmd_submitf en cgi/cmd.c en Nagios Core, posiblemente 4.0.3rc1 y anteriores e Icinga anterior a 1.8.6, 1.9 anterior a 1.9.5 y 1.10 anterior a 1.10.3 permite a atacantes remotos causar una denegación de servicio (fallo de segmentación) a través de un mensaje largo hacia cmd.cgi.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2014-02-06 CVE Reserved
  • 2014-02-28 CVE Published
  • 2023-10-11 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Icinga
Search vendor "Icinga"
Icinga
Search vendor "Icinga" for product "Icinga"
<= 1.8.5
Search vendor "Icinga" for product "Icinga" and version " <= 1.8.5"
-
Affected
Icinga
Search vendor "Icinga"
Icinga
Search vendor "Icinga" for product "Icinga"
1.8.0
Search vendor "Icinga" for product "Icinga" and version "1.8.0"
-
Affected
Icinga
Search vendor "Icinga"
Icinga
Search vendor "Icinga" for product "Icinga"
1.8.1
Search vendor "Icinga" for product "Icinga" and version "1.8.1"
-
Affected
Icinga
Search vendor "Icinga"
Icinga
Search vendor "Icinga" for product "Icinga"
1.8.2
Search vendor "Icinga" for product "Icinga" and version "1.8.2"
-
Affected
Icinga
Search vendor "Icinga"
Icinga
Search vendor "Icinga" for product "Icinga"
1.8.3
Search vendor "Icinga" for product "Icinga" and version "1.8.3"
-
Affected
Icinga
Search vendor "Icinga"
Icinga
Search vendor "Icinga" for product "Icinga"
1.8.4
Search vendor "Icinga" for product "Icinga" and version "1.8.4"
-
Affected
Icinga
Search vendor "Icinga"
Icinga
Search vendor "Icinga" for product "Icinga"
1.9.0
Search vendor "Icinga" for product "Icinga" and version "1.9.0"
-
Affected
Icinga
Search vendor "Icinga"
Icinga
Search vendor "Icinga" for product "Icinga"
1.9.1
Search vendor "Icinga" for product "Icinga" and version "1.9.1"
-
Affected
Icinga
Search vendor "Icinga"
Icinga
Search vendor "Icinga" for product "Icinga"
1.9.2
Search vendor "Icinga" for product "Icinga" and version "1.9.2"
-
Affected
Icinga
Search vendor "Icinga"
Icinga
Search vendor "Icinga" for product "Icinga"
1.9.3
Search vendor "Icinga" for product "Icinga" and version "1.9.3"
-
Affected
Icinga
Search vendor "Icinga"
Icinga
Search vendor "Icinga" for product "Icinga"
1.9.4
Search vendor "Icinga" for product "Icinga" and version "1.9.4"
-
Affected
Icinga
Search vendor "Icinga"
Icinga
Search vendor "Icinga" for product "Icinga"
1.10.0
Search vendor "Icinga" for product "Icinga" and version "1.10.0"
-
Affected
Icinga
Search vendor "Icinga"
Icinga
Search vendor "Icinga" for product "Icinga"
1.10.1
Search vendor "Icinga" for product "Icinga" and version "1.10.1"
-
Affected
Icinga
Search vendor "Icinga"
Icinga
Search vendor "Icinga" for product "Icinga"
1.10.2
Search vendor "Icinga" for product "Icinga" and version "1.10.2"
-
Affected
Nagios
Search vendor "Nagios"
Nagios
Search vendor "Nagios" for product "Nagios"
<= 4.0.3
Search vendor "Nagios" for product "Nagios" and version " <= 4.0.3"
rc1
Affected
Nagios
Search vendor "Nagios"
Nagios
Search vendor "Nagios" for product "Nagios"
4.0.0
Search vendor "Nagios" for product "Nagios" and version "4.0.0"
beta1
Affected
Nagios
Search vendor "Nagios"
Nagios
Search vendor "Nagios" for product "Nagios"
4.0.0
Search vendor "Nagios" for product "Nagios" and version "4.0.0"
beta2
Affected
Nagios
Search vendor "Nagios"
Nagios
Search vendor "Nagios" for product "Nagios"
4.0.0
Search vendor "Nagios" for product "Nagios" and version "4.0.0"
beta3
Affected
Nagios
Search vendor "Nagios"
Nagios
Search vendor "Nagios" for product "Nagios"
4.0.0
Search vendor "Nagios" for product "Nagios" and version "4.0.0"
beta4
Affected
Nagios
Search vendor "Nagios"
Nagios
Search vendor "Nagios" for product "Nagios"
4.0.2
Search vendor "Nagios" for product "Nagios" and version "4.0.2"
-
Affected