WEB Nagios core CGI Process_cgivars Off-By-One -5 (CVE-2013-7108)

Rule ID

1231049

Severity

Medium

Description

There exists an Off-By-One flaw in Nagios Core. The problem is caused by improper boundary check when validating the parameters passed to the application. Due to improper input handling an unauthenticated attacker can send a specially crafted HTTP request and cause a denial of service condition. All versions of the Nagios Enterprises Core 3.x before Dec 20, 2013 are vulnerable to this attack.

Impact

Remote code execution

Recommendation

Update vendor's patch.

IPS Category

Web threats

IPS Anomaly Group

N/A

IPS Rule Default Action

Allow

Reference

BID:64363

CVE-2013-7108

sa55976

T1498.001

T1498

Keyword

N/A

Created At

2022/05/12

Updated At

2022/05/12

This website uses cookies to ensure you get the best experience on our website.

Learn more