[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 461-1] nagios3 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : nagios3
Version        : 3.4.1-3+deb7u2
CVE ID         : CVE-2014-1878


A stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c
in Nagios, a monitoring and management system for hosts, services and
networks, allowed remote attackers to cause a denial of service
(segmentation fault) via a long message to cmd.cgi.

For Debian 7 "Wheezy", this problem has been fixed in version
3.4.1-3+deb7u2.

We recommend that you upgrade your nagios3 packages.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQJ8BAEBCgBmBQJXLkEaXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkozgP/0FtjF0lqjrAYa2fbvRmlxBS
+LeFHgQpQbfYVCfWaqSxIgp/ZZElOzxlnf6KHBkhrZOyhPf7uky/azX6L+gy0mXR
h0k7AQZkugLIH3odac6VE+tIBZBcfETKILhCw6R3BEY0JS4PhBgM4DnD8BGpxbbO
OZE5ppOIT2XrO7Q7XEh+r7Caq6m3Suyxhm7yhZsvNks+1v8I97Xsicza1w0aY34X
zB3eO8YPpvbPnx5SCF0lR9Uzmlk7tqdU/5xqdJskxVQnMmLTntOfO9dssSfYaUxz
islqhdL0J4vH71GhFcm90tElfU3tcZDfP91YBjg18vcYSvqomR0plYztA1BanuMu
La93BNREjZFcRNfnXhgdLtSYEBv7fUh1pl1M2VwHajNYl/Qk7lR1SPTSrEYfEnAc
CHz9JaB+trkGnPLdUkISEFdzBmaPmO8VxjNqFf5imK/fIrfTQqgoAKPyU7q5dIkS
yRuKb3vwvcVTQgvqmNPCwvFDxHxcKOh4z0lTMiXiTy5FaNueZ3HDE93tG/PqgcES
gH7TFpocO/TKuSIowrWuId1+KQWu/cU3dqU5COiUUS4U9BGAX3X9NxY8WQPLORit
3qLi8IzZvd7THkxshzjC+ILVDXXiFCkwgsVc3VCQmAmZubFwqZjgl0cv5Uc9s4E5
idwvM0xe3JYaSCkc8G8N
=LAC8
-----END PGP SIGNATURE-----


Reply to: