[Fwd: Re: [vendor-sec] nagios]
Jesse Keating
jkeating at redhat.com
Wed May 3 20:45:50 UTC 2006
This is public.
-------- Forwarded Message --------
From: Steven M. Christey <coley at linus.mitre.org>
To: Josh Bressers <bressers at redhat.com>
Cc: vendor-sec at lst.de, coley at mitre.org
Subject: Re: [vendor-sec] nagios
Date: Wed, 3 May 2006 16:28:36 -0400 (EDT)
======================================================
Name: CVE-2006-2162
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2162
Reference: CONFIRM:https://sourceforge.net/mailarchive/forum.php?thread_id=10297806&forum_id=7890
Reference: CONFIRM:http://www.nagios.org/development/changelog.php
Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before
2.3 allows remote attackers to execute arbitrary code via a negative
content length (Content-Length) HTTP header.
_______________________________________________
Vendor Security mailing list
Vendor Security at lst.de
https://www.lst.de/cgi-bin/mailman/listinfo/vendor-sec
--
Jesse Keating
Release Engineer: Fedora
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-security-list/attachments/20060503/8f19bb5d/attachment.sig>
More information about the Fedora-security-list
mailing list