CVE-2014-1878

Public on 2014-02-28
Modified on 2017-10-03
Description
Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and earlier, and Icinga before 1.8.6, 1.9 before 1.9.5, and 1.10 before 1.10.3 allows remote attackers to cause a denial of service (segmentation fault) via a long message to cmd.cgi.
Severity
Medium severity
Medium
CVSS v3 Base Score
4.0
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 1 nagios 2017-10-03 ALAS-2017-899 Fixed

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv2 4.0 AV:N/AC:L/Au:S/C:N/I:N/A:P
NVD CVSSv2 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P