From: cve-assign () mitre org
Subject: Re: Vulnerability (Buffer Overflow) in Icinga 1.8, 1.9 and 1.10 (Icinga Issue #5250) Vulnerability
(Off-by-one memory access) in Icinga 1.8, 1.9 and 1.10 (Icinga Issue #5251)
Date: 15 December 2013 19:29:59 CET
To: ricardo () bitchbrothers com
Cc: cve-assign () mitre org
Signed PGP part
Here are the three CVE IDs for your recent reports. Because one report
mentions CSRF, our expectation is that some type of CSRF impact would
remain even after the buffer overflows were fixed.
This is fixed with Icinga (https://dev.icinga.org/issues/5250):
The icinga web gui is susceptible to several buffer overflow flaws,
which can be triggered as a logged on user.
controlling the program flow by modifying the stack content
A remote attacker may utilize a CSRF (cross site request forgery)
attack vector against a logged in user
This is fixed with Icinga (https://dev.icinga.org/issues/5251):
This probably affects Nagios in current version as well!
The icinga web gui is susceptible to an "off-by-one read" error ...
the check routine can be forced to skip the terminating null pointer
and read the heap address right after the end of the parameter list.
Depending on the memory layout, this may result in a memory corruption
condition/crash or reading of sensitive memory locations.
CVE assignment team, MITRE CVE Numbering Authority
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
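
The "off-by-one read" described in the message, sketched as an added illustration that is not part of the e-mail and is not Icinga's code: a scan over a NULL-terminated parameter list that steps over the terminator, next to a checked form. The function names, the length limit, the rejection trigger and the sample list are all assumptions made for this sketch.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_LEN 8   /* assumed length limit for this sketch */

/* Constructed input: a NULL-terminated parameter list. The two slots after
 * the first NULL stand in for whatever memory follows the real list, so the
 * flawed scan below stays inside this array. */
static const char *const sample[] = {
    "host", "web01", "AAAAAAAAAAAA", NULL, "next", NULL
};

/* Flawed pattern: a rejected entry skips "its value" with an extra increment
 * and never checks whether that slot is the terminator. */
static size_t scan_flawed(const char *const *v)
{
    size_t x;
    for (x = 0; v[x] != NULL; x++) {
        if (strlen(v[x]) >= MAX_LEN) {
            x++;        /* lands on the terminator when the entry is last */
            continue;   /* the loop's own x++ then steps over it */
        }
    }
    return x;           /* index where the scan finally stopped */
}

/* Checked pattern: confirm the value slot exists before skipping it. */
static size_t scan_checked(const char *const *v)
{
    size_t x;
    for (x = 0; v[x] != NULL; x++) {
        if (strlen(v[x]) >= MAX_LEN) {
            if (v[x + 1] == NULL)
                return x + 1;   /* no value slot: stop at the terminator */
            x++;
        }
    }
    return x;
}

int main(void)
{
    printf("flawed scan stops at index %zu\n", scan_flawed(sample));
    printf("checked scan stops at index %zu\n", scan_checked(sample));
    return 0;
}
```

The real terminator of the sample list is at index 3; the flawed scan only stops at index 5, having read the slot placed after the list.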