Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 16 Dec 2013 21:22:40 +0100
From: Ricardo <ricardo@...chbrothers.com>
To: oss-security@...ts.openwall.com
Subject: Fwd: Vulnerability (Buffer Overflow) in Icinga 1.8, 1.9 and 1.10 (Icinga Issue #5250) Vulnerability (Off-by-one memory access) in Icinga 1.8, 1.9 and 1.10 (Icinga Issue #5251)

Hi,

CVE-2013-7107 will be addressed with https://dev.icinga.org/issues/5346

Nagios will be affected by following CVEs as well:
CVE-2013-7107
CVE-2013-7108

CVE-2013-7106 is Icinga only.

Cheers
Ricardo

Anfang der weitergeleiteten Nachricht:

> Von: cve-assign@...re.org
> Betreff: Aw: Vulnerability (Buffer Overflow) in Icinga 1.8, 1.9 and 1.10 (Icinga Issue #5250) Vulnerability (Off-by-one memory access) in Icinga 1.8, 1.9 and 1.10 (Icinga Issue #5251)
> Datum: 15. Dezember 2013 19:29:59 MEZ
> An: ricardo@...chbrothers.com
> Kopie: cve-assign@...re.org
> 
> Signierter PGP Teil
> Here are the three CVE IDs for your recent reports. Because one report
> mentions CSRF, our expectation is that some type of CSRF impact would
> remain even after the buffer overflows were fixed.
> 
> > This is fixed with Icinga (https://dev.icinga.org/issues/5250):
> > 	1.10.2
> > 	1.9.4
> > 	1.8.5
> >
> > The icinga web gui is susceptible to several buffer overflow flaws,
> > which can be triggered as a logged on user.
> >
> > controlling the program flow by modifying the stack content
> 
> Use CVE-2013-7106.
> 
> 
> > A remote attacker may utilize a CSRF (cross site request forgery)
> > attack vector against a logged in user
> 
> Use CVE-2013-7107.
> 
> 
> > This is fixed with Icinga (https://dev.icinga.org/issues/5251):
> > 	1.10.2
> > 	1.9.4
> > 	1.8.5
> >
> > This probably affects Nagios in current version as well!
> >
> > The icinga web gui are susceptible to an "off-by-one read" error ...
> > the check routine can be forced to skip the terminating null pointer
> > and read the heap address right after the end of the parameter list.
> > Depending on the memory layout, this may result in a memory corruption
> > condition/crash or reading of sensitive memory locations.
> 
> Use CVE-2013-7108.
> 
> --
> CVE assignment team, MITRE CVE Numbering Authority
> M/S M300
> 202 Burlington Road, Bedford, MA 01730 USA
> [ PGP key available through http://cve.mitre.org/cve/request_id.html ]
> 


[ CONTENT OF TYPE text/html SKIPPED ]

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ