Vulnerability CVE-2012-6096: Information
Description
Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core before 3.4.4, and Icinga 1.6.x before 1.6.2, 1.7.x before 1.7.4, and 1.8.x before 1.8.4, might allow remote attackers to execute arbitrary code via a long (1) host_name variable (host parameter) or (2) svc_description variable.
Severity: HIGH (7.5)
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
nagios | sisyphus | 3.0.6-alt5 | 3.0.6-alt18 | ALT-PU-2017-2354-1 | 189283 | Fixed |
nagios | p10 | 3.0.6-alt5 | 3.0.6-alt16 | ALT-PU-2017-2354-1 | 189283 | Fixed |
nagios | p9 | 3.0.6-alt5 | 3.0.6-alt15 | ALT-PU-2017-2354-1 | 189283 | Fixed |
nagios | c10f1 | 3.0.6-alt5 | 3.0.6-alt16 | ALT-PU-2017-2354-1 | 189283 | Fixed |
nagios | c9f2 | 3.0.6-alt5 | 3.0.6-alt15 | ALT-PU-2017-2354-1 | 189283 | Fixed |