[Pkg-nagios-devel] [firstname.lastname@example.org: Buffer Overflow in nrpe.c]
Mon, 20 Dec 2004 13:54:53 -0500
Content-Type: text/plain; charset=us-ascii
On Mon, Dec 20, 2004 at 04:50:14PM +0100, Mischa Diehm wrote:
> unfortunately no one of the nagios team replied. Maybe you know how to
> get in contact with them.
have you tried the nagios development list? i have to admit that
i haven't had much success with that list myself so far, but i think
that's because i'm not subscribed and the list moderator hasn't taken
or doesn't take the time to browse the unapproved messages. =20
also, if you could answer a couple questions about this bug:
- is this in the nrpe client, or server?
- is this locally (non-root) or remotely exploitable?
both the client and server for nrpe are seperately maintained
packages from the main nagios packages, so when we do find this
out i'll re-assign it, and contact the security team if necessary.
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
-----END PGP SIGNATURE-----