This is public. -------- Forwarded Message -------- From: Steven M. Christey <coley@xxxxxxxxxxxxxxx> To: Josh Bressers <bressers@xxxxxxxxxx> Cc: vendor-sec@xxxxxx, coley@xxxxxxxxx Subject: Re: [vendor-sec] nagios Date: Wed, 3 May 2006 16:28:36 -0400 (EDT) ====================================================== Name: CVE-2006-2162 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2162 Reference: CONFIRM:https://sourceforge.net/mailarchive/forum.php?thread_id=10297806&forum_id=7890 Reference: CONFIRM:http://www.nagios.org/development/changelog.php Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before 2.3 allows remote attackers to execute arbitrary code via a negative content length (Content-Length) HTTP header. _______________________________________________ Vendor Security mailing list Vendor Security@xxxxxx https://www.lst.de/cgi-bin/mailman/listinfo/vendor-sec -- Jesse Keating Release Engineer: Fedora
Attachment:
signature.asc
Description: This is a digitally signed message part
