CVE-2012-6096

Published: Jan 22, 2013Modified: Apr 29, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core before 3.4.4, and Icinga 1.6.x before 1.6.2, 1.7.x before 1.7.4, and 1.8.x before 1.8.4, might allow remote attackers to execute arbitrary code via a long (1) host_name variable (host parameter) or (2) svc_description variable.

Affected (44)

Products: Nagios: Nagios · Icinga: Icinga

1 product

1 product

Configuration A

34 vulnerable

Vulnerable Software	Affected Versions
Nagios Nagios	Up to 3.4.3
Nagios Nagios	Version 3.0.1
Nagios Nagios	Version 3.0.2
Nagios Nagios	Version 3.0.3
Nagios Nagios	Version 3.0.4
Nagios Nagios	Version 3.0.5
Nagios Nagios	Version 3.0.6
Nagios Nagios	Version 3.0
Nagios Nagios	Version 3.0 alpha1
Nagios Nagios	Version 3.0 alpha2
Nagios Nagios	Version 3.0 alpha3
Nagios Nagios	Version 3.0 alpha4
Nagios Nagios	Version 3.0 alpha5
Nagios Nagios	Version 3.0 beta1
Nagios Nagios	Version 3.0 beta2
Nagios Nagios	Version 3.0 beta3
Nagios Nagios	Version 3.0 beta4
Nagios Nagios	Version 3.0 beta5
Nagios Nagios	Version 3.0 beta6
Nagios Nagios	Version 3.0 beta7
Nagios Nagios	Version 3.0 rc1
Nagios Nagios	Version 3.0 rc2
Nagios Nagios	Version 3.0 rc3
Nagios Nagios	Version 3.1.0
Nagios Nagios	Version 3.1.1
Nagios Nagios	Version 3.1.2
Nagios Nagios	Version 3.2.0
Nagios Nagios	Version 3.2.1
Nagios Nagios	Version 3.2.2
Nagios Nagios	Version 3.2.3
Nagios Nagios	Version 3.3.1
Nagios Nagios	Version 3.4.0
Nagios Nagios	Version 3.4.1
Nagios Nagios	Version 3.4.2

Configuration B

10 vulnerable

Vulnerable Software	Affected Versions
Icinga Icinga	Version 1.6.0
Icinga Icinga	Version 1.6.1
Icinga Icinga	Version 1.7.0
Icinga Icinga	Version 1.7.1
Icinga Icinga	Version 1.7.2
Icinga Icinga	Version 1.7.3
Icinga Icinga	Version 1.8.0
Icinga Icinga	Version 1.8.1
Icinga Icinga	Version 1.8.2
Icinga Icinga	Version 1.8.3

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (32)

http://lists.grok.org.uk/pipermail/full-disclosure/2012-December/089125.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-updates/2013-01/msg00033.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-updates/2013-01/msg00060.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-updates/2013-01/msg00077.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-updates/2013-01/msg00088.html

Source: secalert@redhat.com

http://secunia.com/advisories/51863

Source: secalert@redhat.com

Vendor Advisory

http://www.debian.org/security/2013/dsa-2616

Source: secalert@redhat.com

http://www.debian.org/security/2013/dsa-2653

Source: secalert@redhat.com

http://www.exploit-db.com/exploits/24084

Source: secalert@redhat.com

Exploit

http://www.exploit-db.com/exploits/24159

Source: secalert@redhat.com

Exploit

http://www.nagios.org/projects/nagioscore/history/core-3x

Source: secalert@redhat.com

http://www.osvdb.org/89170

Source: secalert@redhat.com

http://www.securityfocus.com/bid/56879

Source: secalert@redhat.com

Exploit

https://bugzilla.redhat.com/show_bug.cgi?id=893269

Source: secalert@redhat.com

https://dev.icinga.org/issues/3532

Source: secalert@redhat.com

Vendor Advisory

https://www.icinga.org/2013/01/14/icinga-1-6-2-1-7-4-1-8-4-released/

Source: secalert@redhat.com

http://lists.grok.org.uk/pipermail/full-disclosure/2012-December/089125.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-updates/2013-01/msg00033.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-updates/2013-01/msg00060.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-updates/2013-01/msg00077.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-updates/2013-01/msg00088.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/51863

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.debian.org/security/2013/dsa-2616

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2013/dsa-2653

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.exploit-db.com/exploits/24084

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.exploit-db.com/exploits/24159

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.nagios.org/projects/nagioscore/history/core-3x

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/89170

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/56879

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://bugzilla.redhat.com/show_bug.cgi?id=893269

Source: af854a3a-2127-422b-91ae-364da2661108

https://dev.icinga.org/issues/3532

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.icinga.org/2013/01/14/icinga-1-6-2-1-7-4-1-8-4-released/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.