Advisories ยป MGASA-2014-0186

Updated nagios packages fix CVE-2014-1878

Publication date: 23 Apr 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-1878

Description

Updated nagios packages fix security vulnerability:

Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in
Nagios Core, possibly 4.0.3rc1 and earlier, and Icinga before 1.8.6, 1.9
before 1.9.5, and 1.10 before 1.10.3 allows remote attackers to cause a
denial of service (segmentation fault) via a long message to cmd.cgi
(CVE-2014-1878).
                

References

SRPMS

3/core

4/core