MDVSA-2013:028
- Nome do pacote
- nagios
- Data
- 2013-03-18
- ID Alerta
- MDVSA-2013:028
- Versões afetadas
- MES5 i586 , MES5 x86_64
Descrição do problema
A vulnerability has been found and corrected in nagios:
Multiple stack-based buffer overflows in the get_history function
in history.cgi in Nagios Core before 3.4.4, and Icinga 1.6.x before
1.6.2, 1.7.x before 1.7.4, and 1.8.x before 1.8.4, might allow remote
attackers to execute arbitrary code via a long (1) host_name variable
(host parameter) or (2) svc_description variable (CVE-2012-6096).
The updated packages have been patched to correct this issue.
Pacotes atualizados
MES5 i586
dabb598af3a93d05169d3dab9f12b69d mes5/i586/nagios-3.1.2-0.4mdvmes5.2.i586.rpm df33f1ed27f9d74f3fa4ea5d4a347c70 mes5/i586/nagios-devel-3.1.2-0.4mdvmes5.2.i586.rpm d1ea00c20f13f6d9aa7773f4f137ebeb mes5/i586/nagios-theme-default-3.1.2-0.4mdvmes5.2.i586.rpm ab09d902b27ca0da9230b9cb4d9a5f8f mes5/i586/nagios-www-3.1.2-0.4mdvmes5.2.i586.rpm b95930b57fbb2d8560e26132f53ca233 mes5/SRPMS/nagios-3.1.2-0.4mdvmes5.2.src.rpm
MES5 x86_64
5d12b28e4d7f5a523c95853faade8325 mes5/x86_64/nagios-3.1.2-0.4mdvmes5.2.x86_64.rpm a83093a3df1b226ed8c612091e4446e6 mes5/x86_64/nagios-devel-3.1.2-0.4mdvmes5.2.x86_64.rpm ab9ed42f03f622cee342cffa2016a408 mes5/x86_64/nagios-theme-default-3.1.2-0.4mdvmes5.2.x86_64.rpm 091de2efcc2767e53be2a6206f58a0ed mes5/x86_64/nagios-www-3.1.2-0.4mdvmes5.2.x86_64.rpm b95930b57fbb2d8560e26132f53ca233 mes5/SRPMS/nagios-3.1.2-0.4mdvmes5.2.src.rpm