CVE-2006-2162 Common Vulnerabilities and Exposures

Upstream information

CVE-2006-2162 at MITRE

Description

Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before 2.3 allows remote attackers to execute arbitrary code via a negative content length (Content-Length) HTTP header.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
	National Vulnerability Database
Base Score	5
Vector	AV:N/AC:L/Au:N/C:N/I:P/A:N
Access Vector	Network
Access Complexity	Low
Authentication	None
Confidentiality Impact	None
Integrity Impact	Partial
Availability Impact	None

SUSE Bugzilla entry: 140494 [RESOLVED / FIXED]

SUSE Security Advisories:

SUSE-SR:2006:011, published Fri, 19 May 2006 16:00:00 +0000

List of released packages

Product(s)	Fixed package version(s)	References
openSUSE Tumbleweed	`nagios >= 4.4.6-2.5` `nagios-contrib >= 4.4.6-2.5` `nagios-devel >= 4.4.6-2.5` `nagios-theme-exfoliation >= 4.4.6-2.5` `nagios-www >= 4.4.6-2.5` `nagios-www-dch >= 4.4.6-2.5`	Patchnames: openSUSE-Tumbleweed-2024-11073

SUSE Timeline for this CVE

CVE page created: Fri Jun 28 02:37:00 2013
CVE page last modified: Tue Sep 3 18:11:14 2024