Bug#366683: CVE-2006-2162: Buffer overflow in nagios

2006-05-12 Thread Martin Schulze
Sean Finney wrote: > On Fri, May 12, 2006 at 06:24:21AM +0200, Martin Schulze wrote: > > Please let me know the version in sid that will have this problem > > fixed once you know it. > > for nagios 1.x: 1.4-1 (or 2:1.4-1, since there's an epoch i guess) > for nagios 2.x: 2.3-1 Noted. > both are

Bug#366683: CVE-2006-2162: Buffer overflow in nagios

2006-05-12 Thread Sean Finney
On Fri, May 12, 2006 at 06:24:21AM +0200, Martin Schulze wrote: > Please let me know the version in sid that will have this problem > fixed once you know it. for nagios 1.x: 1.4-1 (or 2:1.4-1, since there's an epoch i guess) for nagios 2.x: 2.3-1 both are recently uploaded. i've made a diff.gz o

Bug#366683: CVE-2006-2162: Buffer overflow in nagios

2006-05-12 Thread Stefan Fritsch
Hi, On Friday 12 May 2006 01:17, sean finney wrote: > On Thu, May 11, 2006 at 11:46:21PM +0200, Stefan Fritsch wrote: > > the Ubuntu guys already found out that Apache 2 doesn't accept > > requests with negative content length and I just checked that > > Apache 1.3 doesn't either. I guess this mak

Bug#366683: CVE-2006-2162: Buffer overflow in nagios

2006-05-11 Thread sean finney
On Thu, May 11, 2006 at 11:46:21PM +0200, Stefan Fritsch wrote: > severity 366682 important > severity 366683 important > thanks > > Hi, > > the Ubuntu guys already found out that Apache 2 doesn't accept > requests with negative content length and I just checked that Apache > 1.3 doesn't either

Bug#366683: CVE-2006-2162: Buffer overflow in nagios

2006-05-11 Thread Sean Finney
hey joey, On Thu, May 11, 2006 at 05:46:16PM +0200, Martin Schulze wrote: > > - crafting a simple "user-agent" that can illustrate the vulnerability > > by sending a negative or 0 value for content length to a nagios cgi > > (it doesn't have to actually inject any shell code or anything, just

Bug#366683: CVE-2006-2162: Buffer overflow in nagios

2006-05-11 Thread sean finney
hey security team and nagios team, as reported to us in the bts, the debian nagios packages are vulnerable to arbitrary code execution via not properly checking the Content-Length header from client requests. here are the affected versions afaict: stable: nagios-mysql 2:1.3-cvs.20050402-2.sarg

Bug#366683: [EMAIL PROTECTED]: [Pkg-nagios-devel] Bug#366683: CVE-2006-2162: Buffer overflow in nagios]

2006-05-10 Thread sean finney
prepare an update for the debian sarge and woody packages. sean - Forwarded message from Stefan Fritsch <[EMAIL PROTECTED]> - Date: Wed, 10 May 2006 13:23:59 +0200 (CEST) From: Stefan Fritsch <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: [Pkg-nagios-devel] Bug#366683:

Bug#366683: CVE-2006-2162: Buffer overflow in nagios

2006-05-10 Thread Stefan Fritsch
Package: nagios2 Severity: grave Justification: user security hole Tags: security CVE-2006-2162: Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before 2.3 allows remote attackers to execute arbitrary code via a negative content length (Content-Length) HTTP header. See http://cve