[Pkg-nagios-devel] [md@mailq.de: Buffer Overflow in nrpe.c]

sean finney seanius@debian.org
Mon, 20 Dec 2004 13:54:53 -0500

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

hi mischa,

On Mon, Dec 20, 2004 at 04:50:14PM +0100, Mischa Diehm wrote:
> unfortunately no one of the nagios team replied. Maybe you know how to
> get in contact with them.

have you tried the nagios development list?  i have to admit that
i haven't had much success with that list myself so far, but i think
that's because i'm not subscribed and the list moderator hasn't taken
or doesn't take the time to browse the unapproved messages. =20

also, if you could answer a couple questions about this bug:

- is this in the nrpe client, or server?
- is this locally (non-root) or remotely exploitable?

both the client and server for nrpe are seperately maintained
packages from the main nagios packages, so when we do find this
out i'll re-assign it, and contact the security team if necessary.



Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

Version: GnuPG v1.2.4 (GNU/Linux)