Buffer Overflow Vulnerability in Nagios Plugins Affects Remote Web Servers
CVE-2007-5198

Currently unrated

Key Information:

Vendor

Nagios

Status
Plugins
Vendor
CVE Published:
4 October 2007

What is CVE-2007-5198?

A buffer overflow vulnerability exists in the redir function within check_http.c of Nagios Plugins prior to version 1.4.10. This vulnerability can be exploited when the plugin is executed with the -f (follow) option. An attacker can craft a specially formatted Location header response from a remote web server that includes an excessive number of leading 'L' characters. If successful, this can lead to arbitrary code execution on the affected system, potentially compromising its integrity and confidentiality.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/27965
third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/3394
vdb-entryx_refsource_VUPEN
http://bugs.gentoo.org/show_bug.cgi?id=194178
x_refsource_CONFIRM

EPSS Score

16% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.