Novell Home

CVE-2014-1878

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2014-1878 at MITRE

Description

Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and earlier, and Icinga before 1.8.6, 1.9 before 1.9.5, and 1.10 before 1.10.3 allows remote attackers to cause a denial of service (segmentation fault) via a long message to cmd.cgi.

NVD CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Novell/SUSE information

Novell Bugzilla entry: 864843

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Server 11 SP1
  • nagios-debuginfo >= 3.0.6-1.25.36.1
Builds
SAT Patch Nr: 9067
SLE 11 SP3 DEBUGINFO
  • nagios-debuginfo >= 3.0.6-1.25.36.1
  • nagios-debugsource >= 3.0.6-1.25.36.1
Builds
SAT Patch Nr: 9071
SUSE Linux Enterprise Software Development Kit 11 SP3
  • nagios-devel >= 3.0.6-1.25.36.1
Builds
SAT Patch Nr: 9071
SUSE Linux Enterprise Software Development Kit 11 SP3
  • nagios >= 3.0.6-1.25.36.1
  • nagios-devel >= 3.0.6-1.25.36.1
  • nagios-www >= 3.0.6-1.25.36.1
Builds
SAT Patch Nr: 9071
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • nagios >= 3.0.6-1.25.36.1
  • nagios-www >= 3.0.6-1.25.36.1
Builds
SAT Patch Nr: 9071

© 2014 Novell