Vulnerabilities

CVE-2013-7205

by Fred · 14/01/2014

Off-by-one error in the process_cgivars function in contrib/daemonchk.c in Nagios Core 3.5.1, 4.0.2, and earlier allows remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long string in the last key value in the variable list, which triggers a heap-based buffer over-read.

Date published : 2014-01-14

http://www.securityfocus.com/bid/64489

http://sourceforge.net/p/nagios/nagioscore/ci/d97e03f32741a7d851826b03ed73ff4c9612a866/

Similar

Tags: Cybersecurity Alert