Vulnerabilities > CVE-2006-2162 - Remote Negative Content-Length Buffer Overflow vulnerability in Nagios 2.0.1/2.1.3
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before 2.3 allows remote attackers to execute arbitrary code via a negative content length (Content-Length) HTTP header. Upgrade to versions 1.4 and 2.3
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Nessus
NASL family SuSE Local Security Checks NASL id SUSE9_10984.NASL description An integer overflow exists within the handling of HTTP headers by CGIs. This could lead to arbitrary code execution by remote attackers on behalf of the Nagios CGI scripts. CVE-2006-2162 has been assigned to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 41089 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/41089 title SuSE9 Security Update : nagios-www (YOU Patch Number 10984) NASL family SuSE Local Security Checks NASL id SUSE_NAGIOS-WWW-1311.NASL description An Integer-Overflow exists within the handling of HTTP headers by CGIs. This could lead to arbitrary code execution by remote attackers on behalf of the Nagios CGI scripts. CVE-2006-2162 has been assigned to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 27360 published 2007-10-17 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/27360 title openSUSE 10 Security Update : nagios-www (nagios-www-1311) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-282-1.NASL description The nagios CGI scripts did not sufficiently check the validity of the HTTP Content-Length attribute. By sending a specially crafted HTTP request with a negative Content-Length value to the Nagios server, a remote attacker could exploit this to execute arbitrary code with web server privileges. Please note that the Apache 2 web server already checks for valid Content-Length values, so installations using Apache 2 (the only web server officially supported in Ubuntu) are not vulnerable to this flaw. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 21376 published 2006-05-13 reporter Ubuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/21376 title Ubuntu 5.04 / 5.10 : nagios vulnerability (USN-282-1) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200605-07.NASL description The remote host is affected by the vulnerability described in GLSA-200605-07 (Nagios: Buffer overflow) Sebastian Krahmer of the SuSE security team discovered a buffer overflow vulnerability in the handling of a negative HTTP Content-Length header. Impact : A buffer overflow in Nagios CGI scripts under certain web servers allows remote attackers to execute arbitrary code via a negative content length HTTP header. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 21349 published 2006-05-13 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/21349 title GLSA-200605-07 : Nagios: Buffer overflow NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1072.NASL description A buffer overflow has been discovered in nagios, a host, service and network monitoring and management system, that could be exploited by remote attackers to execute arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 22614 published 2006-10-14 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/22614 title Debian DSA-1072-1 : nagios - buffer overflow
References
- http://secunia.com/advisories/19991
- http://secunia.com/advisories/19998
- http://secunia.com/advisories/20013
- http://secunia.com/advisories/20215
- http://secunia.com/advisories/20247
- http://www.debian.org/security/2006/dsa-1072
- http://www.gentoo.org/security/en/glsa/glsa-200605-07.xml
- http://www.nagios.org/development/changelog.php
- http://www.novell.com/linux/security/advisories/2006_05_19.html
- http://www.securityfocus.com/bid/17879
- http://www.vupen.com/english/advisories/2006/1662
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26253
- https://sourceforge.net/mailarchive/forum.php?thread_id=10297806&forum_id=7890
- https://usn.ubuntu.com/282-1/