CVE-2006-2162
Nagios < 1.3 - Remote Code Execution via Negative Content-Length HTTP Header
Title source: llmDescription
Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before 2.3 allows remote attackers to execute arbitrary code via a negative content length (Content-Length) HTTP header.
References (14)
Core 14
Core References
Vendor Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/282-1/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/26253
Product x_refsource_confirm
https://sourceforge.net/mailarchive/forum.php?thread_id=10297806&forum_id=7890
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200605-07.xml
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2006/dsa-1072
Vendor Advisory vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2006_05_19.html
Various Sources x_refsource_confirm
http://www.nagios.org/development/changelog.php
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/1662
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/19998
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/19991
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20013
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20215
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/17879
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20247
Scores
EPSS
0.0132
EPSS Percentile
80.1%
Details
Status
published
Products (1)
nagios/nagios
< 1.3
Published
May 03, 2006
Tracked Since
Feb 18, 2026