[Pkg-nagios-devel] Bug#366682: CVE-2006-2162: Buffer overflow in nagios

Sean Finney seanius at debian.org
Fri May 12 15:00:53 UTC 2006

On Fri, May 12, 2006 at 06:24:21AM +0200, Martin Schulze wrote:
> Please let me know the version in sid that will have this problem
> fixed once you know it.

for nagios 1.x: 1.4-1 (or 2:1.4-1, since there's an epoch i guess)
for nagios 2.x: 2.3-1

both are recently uploaded.

i've made a diff.gz of the sarge version available at:


though there's no difference wrt your patch other than cosmetics and
different dpatch names.  also, there is a


which is a quick PoC i threw together to test the cgi's from the

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-nagios-devel/attachments/20060512/7e21fe12/attachment-0002.pgp

More information about the Pkg-nagios-devel mailing list