Preemptive Protection against Nagios "Content-Length" Header Buffer Overflow Vulnerability
| Check Point Reference: | CPAI-2006-047 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | FrSIRT/ADV-2006-1662 |
|
| Industry Reference(s): | CVE-2006-2162 | |
| Protection Provided by: |
VPN-1
|
|
| Who is Vulnerable? Nagios versions prior to 2.3 Nagios versions prior to 1.4 | ||
| Vulnerability Description Nagios is an open source host, service and network monitoring program. The products functionality is implemented through a number of CGI programs. A vulnerability has been identified in Nagios, specifically due to buffer overflow errors in various CGI scripts that do not properly process a negative "Content-Length" HTTP header value. This flaw can be exploited by remote attackers to crash or compromise a vulnerable system. |
||
|
Update/Patch Available Upgrade to Nagios version 2.3 or 1.4 : http://www.nagios.org/download/ |
|
|
Vulnerability Details A buffer overflow vulnerability exists in the Nagios product. Numerous binary executable CGI programs implement a common faulty method of processing the Content-Length header. The value of this header is not checked to be within the range of positive values. This can be exploited by remote attackers to execute remote code on a vulnerable system. |
Protection Overview
Users of VPN-1 NGX R61, R60, users of VPN-1 NG with Application Intelligence R55W, R55 and users of InterSpect NGX and 2.0 are preemptively protected against this vulnerability. No configuration is required.
To configure the defense, select your product from the list below and follow the related protection steps.