Nagios Core ‘process_cgivars()’ Function Stack Based Buffer Overflow Exploit
* Nagios Core 3.4.3
An attacker could exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
The following example URI is available:
http://www.example.com/nagios/cgi-bin/history.cgi?host=aaaaaaa… (4000 ‘a’s)
Published: December 09 2012