Nagios Core ‘process_cgivars()’ Function Stack Based Buffer Overflow Exploit


Nagios Core is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer.



Vulnerable Systems:
 * Nagios Core 3.4.3

An attacker could exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

The following example URI is available:… (4000 ‘a’s)

Disclosure Timeline:
Published: December 09 2012

Categories: Exploits