Summary
This host is running Nagios and is prone to denial of service vulnerability.
Impact
Successful exploitation will allow remote attackers to execute arbitrary code or cause denial of service condition.
Impact Level: System/Application.
Solution
Upgrade to version Nagios version 4.0.3rc1 or later.
For updates refer to http://www.nagios.org
Insight
The flaw exists in cmd_submitf() function in cmd.cgi which fails to adequately bounds-check user-supplied data before copying it into buffer
Affected
Nagios version before 4.0.3rc1 are affected.
Detection
Get the installed version of Nagios with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-1878 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- AN Guestbook Local File Inclusion Vulnerability
- 7Media Web Solutions EduTrac Directory Traversal Vulnerability
- AjaXplorer 'doc_file' Parameter Local File Disclosure Vulnerability
- Apache Tomcat cal2.jsp Cross Site Scripting Vulnerability
- AjaXplorer Remote Command Injection and Local File Disclosure Vulnerabilities