Debian Security Advisory
DSA-2616-1 nagios3 -- buffer overflow in CGI scripts
- Date Reported:
- 03 Feb 2013
- Affected Packages:
- nagios3
- Vulnerable:
- Yes
- Security database references:
- In the Debian bugtracking system: Bug 697930.
In Mitre's CVE dictionary: CVE-2012-6096. - More information:
-
A buffer overflow problem has been found in nagios3, a host/service/network monitoring and management system. A malicious client could craft a request to history.cgi and cause application crashes.
For the stable distribution (squeeze), this problem has been fixed in version 3.2.1-2+squeeze1.
For the testing distribution (wheezy), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in version 3.4.1-3.
We recommend that you upgrade your nagios3 packages.