oss-sec mailing list archives
Fwd: Vulnerability (Buffer Overflow) in Icinga 1.8, 1.9 and 1.10 (Icinga Issue #5250) Vulnerability (Off-by-one memory access) in Icinga 1.8, 1.9 and 1.10 (Icinga Issue #5251)
From: Ricardo <ricardo () bitchbrothers com>
Date: Mon, 16 Dec 2013 21:22:40 +0100
Hi,

CVE-2013-7107 will be addressed with https://dev.icinga.org/issues/5346

Nagios will be affected by the following CVEs as well:
CVE-2013-7107
CVE-2013-7108

CVE-2013-7106 is Icinga only.

Cheers
Ricardo

Begin forwarded message:
From: cve-assign () mitre org
Subject: Re: Vulnerability (Buffer Overflow) in Icinga 1.8, 1.9 and 1.10 (Icinga Issue #5250) Vulnerability (Off-by-one memory access) in Icinga 1.8, 1.9 and 1.10 (Icinga Issue #5251)
Date: December 15, 2013 19:29:59 CET
To: ricardo () bitchbrothers com
Cc: cve-assign () mitre org

Signed PGP part

Here are the three CVE IDs for your recent reports. Because one report mentions CSRF, our expectation is that some type of CSRF impact would remain even after the buffer overflows were fixed.

This is fixed with Icinga (https://dev.icinga.org/issues/5250): 1.10.2 1.9.4 1.8.5

The icinga web gui is susceptible to several buffer overflow flaws, which can be triggered as a logged on user.

controlling the program flow by modifying the stack content

Use CVE-2013-7106.

A remote attacker may utilize a CSRF (cross site request forgery) attack vector against a logged in user

Use CVE-2013-7107.

This is fixed with Icinga (https://dev.icinga.org/issues/5251): 1.10.2 1.9.4 1.8.5

This probably affects Nagios in current version as well!

The icinga web gui is susceptible to an "off-by-one read" error ... the check routine can be forced to skip the terminating null pointer and read the heap address right after the end of the parameter list. Depending on the memory layout, this may result in a memory corruption condition/crash or reading of sensitive memory locations.

Use CVE-2013-7108.

--
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
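The off-by-one read described in the forwarded report, modelled as an added example (not part of the original post, and not Icinga's or Nagios's code): a scan over a NULL-terminated name/value list, shown beside a hardened form. The function names, `MAX_NAME_LEN` and the sample list are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_NAME_LEN 16 /* constructed limit for this demo */

/* Constructed sample: name, value, name, terminator (index 3). Slots 4-5
 * stand in for adjacent heap data so the flawed scan stays defined here. */
static const char *sample_vars[] = {
    "host", "web01", "overlong_parameter_name", NULL, "ADJACENT", NULL
};

/* Flawed: an oversize name is skipped with an extra i++ meant to jump over
 * its value, with no check that a value exists. Returns the stop index. */
size_t scan_flawed(const char **v)
{
    size_t i;
    for (i = 0; v[i] != NULL; i++) {
        if (strlen(v[i]) >= MAX_NAME_LEN) {
            i++;      /* lands on the terminator when the value is missing */
            continue; /* the loop's own i++ then steps past it */
        }
        i++;          /* move to the value of an accepted name */
        if (v[i] == NULL)
            break;
    }
    return i;
}

/* Hardened: confirm the next slot is not the terminator before any skip. */
size_t scan_hardened(const char **v)
{
    size_t i;
    for (i = 0; v[i] != NULL; i++) {
        if (v[i + 1] == NULL) { /* name without value: stop on terminator */
            i++;
            break;
        }
        i++; /* skip the value; oversize names are dropped the same way */
    }
    return i;
}

int main(void)
{
    printf("flawed: %zu, hardened: %zu (terminator at 3)\n",
           scan_flawed(sample_vars), scan_hardened(sample_vars));
    return 0;
}
```

On the constructed list the flawed scan stops at index 5, two slots beyond the terminator, while the hardened scan stops on the terminator itself.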