CVE-2007-5198

Nagios Plugins < 1.4.9 - Buffer Overflow via Location Header with Leading 'L' Characters

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-5198. PoCs published by Nobuhiro Ban.

AI-analyzed exploit summary The provided text describes a buffer overflow vulnerability in Nagios Plugins 1.4.9, where overly long URLs can trigger a remote code execution (RCE) condition. However, the code section contains only example URLs and no actual exploit code or payload.

Description

Buffer overflow in the redir function in check_http.c in Nagios Plugins before 1.4.10, when running with the -f (follow) option, allows remote web servers to execute arbitrary code via Location header responses (redirects) with a large number of leading "L" characters.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Nobuhiro Ban · textdoslinux

https://www.exploit-db.com/exploits/30646

View Code ZIP pw:eip

The provided text describes a buffer overflow vulnerability in Nagios Plugins 1.4.9, where overly long URLs can trigger a remote code execution (RCE) condition. However, the code section contains only example URLs and no actual exploit code or payload.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Nagios Plugins 1.4.9

No auth needed

Prerequisites: Network access to the target system · Vulnerable version of Nagios Plugins

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (20)

Core 20

Core References

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/27965

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2007/3394

Issue Tracking x_refsource_confirm

http://bugs.gentoo.org/show_bug.cgi?id=194178

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/27609

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/27124

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2008:067

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/28930

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/29862

Product x_refsource_confirm

http://sourceforge.net/forum/forum.php?forum_id=740172

Exploit x_refsource_confirm

http://sourceforge.net/tracker/index.php?func=detail&aid=1687867&group_id=29880&atid=397597

Vendor Advisory vendor-advisory x_refsource_fedora

https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00282.html

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/usn-532-1

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/25952

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2008/dsa-1495

Vendor Advisory vendor-advisory x_refsource_suse

http://www.novell.com/linux/security/advisories/2007_25_sr.html

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/27362

Product x_refsource_confirm

http://sourceforge.net/tracker/index.php?func=detail&aid=1813346&group_id=29880&atid=397597

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-200711-11.xml

Vendor Advisory vendor-advisory x_refsource_fedora

https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00249.html

Vendor Advisory vendor-advisory x_refsource_fedora

https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00320.html

Scores

EPSS 0.1630

EPSS Percentile 94.9%

Details

CWE

CWE-119

Status published

Products (1)

nagios/plugins < 1.4.9

Published Oct 04, 2007

Tracked Since Feb 18, 2026