Security Advisory

CVE-2013-7205

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-01-14 18:00:00

Last updated 2024-08-06 18:01:20

Assigner mitre

State PUBLISHED

Description

Off-by-one error in the process_cgivars function in contrib/daemonchk.c in Nagios Core 3.5.1, 4.0.2, and earlier allows remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long string in the last key value in the variable list, which triggers a heap-based buffer over-read.

← Browse all CVEs View on cve.org ↗