Ubuntu Update For Nagios-plugins Vulnerability USN-532-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-532-1

Solution

Please Install the Updated Packages.

Insight

Nobuhiro Ban discovered that check_http in nagios-plugins did not properly sanitize its input when following redirection requests. A malicious remote web server could cause a denial of service or possibly execute arbitrary code as the user. (CVE-2007-5198) Aravind Gottipati discovered that sslutils.c in nagios-plugins did not properly reset pointers to NULL. A malicious remote web server could cause a denial of service. Aravind Gottipati discovered that check_http in nagios-plugins did not properly calculate how much memory to reallocate when following redirection requests. A malicious remote web server could cause a denial of service.

Affected

nagios-plugins vulnerability on Ubuntu 6.06 LTS

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2007-October/000609.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-5198

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for nagios-plugins vulnerability USN-532-1

Take action and discover your vulnerabilities