CVE-2014-1878

Priority
Low
Description
Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in
Nagios Core, possibly 4.0.3rc1 and earlier, and Icinga before 1.8.6, 1.9
before 1.9.5, and 1.10 before 1.10.3 allows remote attackers to cause a
denial of service (segmentation fault) via a long message to cmd.cgi.
References
Bugs
Package
Upstream:released (1.10.3-1)
Ubuntu 17.10 (Artful Aardvark):not-affected (1.10.3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (1.10.3)
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (1.10.3)
Ubuntu 16.10 (Yakkety Yak):not-affected (1.10.3)
Ubuntu 17.04 (Zesty Zapus):not-affected (1.10.3)
Patches:
Upstream:https://dev.icinga.org/projects/icinga-core/repository/revisions/eedf4f7d88cdc50843572224eb38a2f5c78a2dc5
Package
Upstream:needs-triage
Ubuntu 17.10 (Artful Aardvark):released (3.5.1.dfsg-2.1ubuntu5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 LTS (Trusty Tahr):released (3.5.1-1ubuntu1.1)
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (3.5.1.dfsg-2.1ubuntu1.1)
Ubuntu 16.10 (Yakkety Yak):released (3.5.1.dfsg-2.1ubuntu3.1)
Ubuntu 17.04 (Zesty Zapus):released (3.5.1.dfsg-2.1ubuntu5)
More Information

Updated: 2017-05-10 22:34:05 UTC (commit 12521)