Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple stack-based buffer overflows in Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long string to the (1) display_nav_table, (2) page_limit_selector, (3) print_export_link, or (4) page_num_selector function in cgi/cgiutils.c; (5) status_page_num_selector function in cgi/status.c; or (6) display_command_expansion function in cgi/config.c. NOTE: this can be exploited without authentication by leveraging CVE-2013-7107.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Icinga Web Interface 缓冲区溢出漏洞
Vulnerability Description
Icinga是Icinga项目的一套企业级开源监控系统,是一个介于Nagios社区版和企业版间的产品。 Icinga中的多个文件的函数中存在基于栈的缓冲区溢出漏洞。远程攻击者可借助特制的字符串利用该漏洞造成拒绝服务并执行任意代码。其中文件/函数包括:cgi/cgiutils.c文件中的(1)display_nav_table(2)page_limit_selector(3)print_export_link和(4)page_num_selector函数,cgi/status.c文件中的status_pag
CVSS Information
N/A
Vulnerability Type
N/A