1.4.1 - 05/15/2006
* Bug fix for HTTP content_length header integer overflow in CGIs
A vulnerability has been reported in Nagios, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
The vulnerability is caused due to an integer overflow error within the handling of the "Content-Length" HTTP header. This can be exploited to cause a buffer overflow and may allow arbitrary code execute via a HTTP request with specially crafted value in the "Content-Length" HTTP header.
The vulnerability has been reported in the 1.x and 2.x code branches.
Update to the fixed versions.
Update to version 1.4.1.
Update to version 2.3.1.
Advisory is out today.
Trying to break the record of the fastest GLSA :) Thanks to Ramereth who has already commited nagios-1.4.1
I also committed 2.3.1 but both are set as ~arch to ensure no breakage. I didn't get a chance to test it on a working nagios config yet, so I'd like to wait till either someone tests that or we give it a day or so. I don't like breaking people's monitoring system :).
Stable on x86 (2 separate systems)... =]
nagios 1.4.1 stable on ppc64
This one is ready for GLSA. This looks like an errata to GLSA 200605-07.
yeah, if it was incompletely fixed the first time, we should have an errata here
TTL : 8h25m
thanks to Jaervosz, ramereth and arches :)