This is public.
-------- Forwarded Message --------
From: Steven M. Christey <coley(a)linus.mitre.org>
To: Josh Bressers <bressers(a)redhat.com>
Cc: vendor-sec(a)lst.de, coley(a)mitre.org
Subject: Re: [vendor-sec] nagios
Date: Wed, 3 May 2006 16:28:36 -0400 (EDT)
======================================================
Name: CVE-2006-2162
Status: Candidate
URL:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2162
Reference:
CONFIRM:https://sourceforge.net/mailarchive/forum.php?thread_id=10297806&...
Reference:
CONFIRM:http://www.nagios.org/development/changelog.php
Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before
2.3 allows remote attackers to execute arbitrary code via a negative
content length (Content-Length) HTTP header.
_______________________________________________
Vendor Security mailing list
Vendor Security(a)lst.de
https://www.lst.de/cgi-bin/mailman/listinfo/vendor-sec
--
Jesse Keating
Release Engineer: Fedora