Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveRedhatCVE-2012-6096
HistoryJan 22, 2013 - 11:55 p.m.

CVE-2012-6096

2013-01-2223:55:03
CWE-119
redhat
web.nvd.nist.gov
51
cve-2012-6096
buffer overflow
remote code execution
nagios core
icinga

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.965

Percentile

99.6%

JSON

Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core before 3.4.4, and Icinga 1.6.x before 1.6.2, 1.7.x before 1.7.4, and 1.8.x before 1.8.4, might allow remote attackers to execute arbitrary code via a long (1) host_name variable (host parameter) or (2) svc_description variable.

Affected configurations

Nvd
Node
nagiosnagiosRange3.4.3
OR
nagiosnagiosMatch3.0
OR
nagiosnagiosMatch3.0alpha1
OR
nagiosnagiosMatch3.0alpha2
OR
nagiosnagiosMatch3.0alpha3
OR
nagiosnagiosMatch3.0alpha4
OR
nagiosnagiosMatch3.0alpha5
OR
nagiosnagiosMatch3.0beta1
OR
nagiosnagiosMatch3.0beta2
OR
nagiosnagiosMatch3.0beta3
OR
nagiosnagiosMatch3.0beta4
OR
nagiosnagiosMatch3.0beta5
OR
nagiosnagiosMatch3.0beta6
OR
nagiosnagiosMatch3.0beta7
OR
nagiosnagiosMatch3.0rc1
OR
nagiosnagiosMatch3.0rc2
OR
nagiosnagiosMatch3.0rc3
OR
nagiosnagiosMatch3.0.1
OR
nagiosnagiosMatch3.0.2
OR
nagiosnagiosMatch3.0.3
OR
nagiosnagiosMatch3.0.4
OR
nagiosnagiosMatch3.0.5
OR
nagiosnagiosMatch3.0.6
OR
nagiosnagiosMatch3.1.0
OR
nagiosnagiosMatch3.1.1
OR
nagiosnagiosMatch3.1.2
OR
nagiosnagiosMatch3.2.0
OR
nagiosnagiosMatch3.2.1
OR
nagiosnagiosMatch3.2.2
OR
nagiosnagiosMatch3.2.3
OR
nagiosnagiosMatch3.3.1
OR
nagiosnagiosMatch3.4.0
OR
nagiosnagiosMatch3.4.1
OR
nagiosnagiosMatch3.4.2
Node
icingaicingaMatch1.6.0
OR
icingaicingaMatch1.6.1
OR
icingaicingaMatch1.7.0
OR
icingaicingaMatch1.7.1
OR
icingaicingaMatch1.7.2
OR
icingaicingaMatch1.7.3
OR
icingaicingaMatch1.8.0
OR
icingaicingaMatch1.8.1
OR
icingaicingaMatch1.8.2
OR
icingaicingaMatch1.8.3
VendorProductVersionCPE
nagiosnagios*cpe:2.3:a:nagios:nagios:*:*:*:*:*:*:*:*
nagiosnagios3.0cpe:2.3:a:nagios:nagios:3.0:*:*:*:*:*:*:*
nagiosnagios3.0cpe:2.3:a:nagios:nagios:3.0:alpha1:*:*:*:*:*:*
nagiosnagios3.0cpe:2.3:a:nagios:nagios:3.0:alpha2:*:*:*:*:*:*
nagiosnagios3.0cpe:2.3:a:nagios:nagios:3.0:alpha3:*:*:*:*:*:*
nagiosnagios3.0cpe:2.3:a:nagios:nagios:3.0:alpha4:*:*:*:*:*:*
nagiosnagios3.0cpe:2.3:a:nagios:nagios:3.0:alpha5:*:*:*:*:*:*
nagiosnagios3.0cpe:2.3:a:nagios:nagios:3.0:beta1:*:*:*:*:*:*
nagiosnagios3.0cpe:2.3:a:nagios:nagios:3.0:beta2:*:*:*:*:*:*
nagiosnagios3.0cpe:2.3:a:nagios:nagios:3.0:beta3:*:*:*:*:*:*
Rows per page:
1-10 of 441

Related

packetstorm 2
nessus 13
exploitpack 2
openvas 14
saint 4
exploitdb 2
debian 3
seebug 2
securityvulns 4
cvelist 1
fedora 4
ubuntucve 1
freebsd 1
prion 1
metasploit 1
debiancve 1
nvd 1
zdt 1
gentoo 1
packetstorm
packetstorm
Nagios 3.x Remote Command Execution
2013-01-15 00:00:00
Nagios3 history.cgi Host Command Execution
2013-01-17 00:00:00
nessus
nessus
SuSE 10 Security Update : nagios (ZYPP Patch Number 8460)
2013-02-28 00:00:00
openSUSE Security Update : nagios (openSUSE-SU-2013:0140-1)
2014-06-13 00:00:00
openSUSE Security Update : icinga (openSUSE-SU-2013:0169-1)
2014-06-13 00:00:00
exploitpack
exploitpack
Nagios3 - history.cgi Remote Command Execution
2013-01-13 00:00:00
Nagios-history.cgi-Exec-Code
2015-01-05 11:28:28
openvas
openvas
Fedora Update for nagios FEDORA-2013-0753
2013-01-24 00:00:00
Debian: Security Advisory (DSA-2616-1)
2013-02-02 00:00:00
Fedora Update for nagios FEDORA-2013-0732
2013-01-24 00:00:00
saint
saint
Nagios 3 history.cgi Command Injection
2013-01-28 00:00:00
Nagios 3 history.cgi Command Injection
2013-01-28 00:00:00
Nagios 3 history.cgi Command Injection
2013-01-28 00:00:00
exploitdb
exploitdb
Nagios3 - 'history.cgi' Host Command Execution (Metasploit)
2013-01-16 00:00:00
Nagios3 - 'history.cgi' Remote Command Execution
2013-01-13 00:00:00
debian
debian
[SECURITY] [DSA 2653-1] icinga security update
2013-03-26 20:54:05
[SECURITY] [DSA 2616-1] nagios3 security update
2013-02-03 21:24:02
[BSA-079] Security Update for icinga
2013-01-18 09:15:21
seebug
seebug
Nagios history.cgi Remote Command Execution Vulnerability
2014-07-01 00:00:00
Nagios 3.x Remote Command Execution(CVE-2012-6096)
2013-01-16 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2653-1] icinga security update
2013-05-06 00:00:00
[SECURITY] [DSA 2616-1] nagios3 security update
2013-02-11 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2013-02-11 00:00:00
cvelist
cvelist
CVE-2012-6096
2013-01-22 23:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: nagios-3.5.0-5.fc18
2013-06-25 03:28:41
[SECURITY] Fedora 18 Update: nagios-3.4.4-1.fc18
2013-01-23 02:03:16
[SECURITY] Fedora 17 Update: nagios-3.4.4-1.fc17
2013-01-23 01:32:37
ubuntucve
ubuntucve
CVE-2012-6096
2013-01-22 00:00:00
freebsd
freebsd
nagios -- buffer overflow in history.cgi
2012-12-21 00:00:00
prion
prion
Stack overflow
2013-01-22 23:55:00
metasploit
metasploit
Nagios3 history.cgi Host Command Execution
2013-01-15 14:32:32
debiancve
debiancve
CVE-2012-6096
2013-01-22 23:55:03
nvd
nvd
CVE-2012-6096
2013-01-22 23:55:03
zdt
zdt
Nagios history.cgi Remote Command Execution Vulnerability
2013-01-13 00:00:00
gentoo
gentoo
Nagios: Multiple vulnerabilities
2014-12-13 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.965

Percentile

99.6%

JSON
Related for CVE-2012-6096
packetstorm2nessus13exploitpack2openvas14saint4exploitdb2debian3seebug2securityvulns4cvelist1fedora4ubuntucve1freebsd1prion1metasploit1debiancve1nvd1zdt1gentoo1