CVE-2014-1878 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2014-1878 Interim 1 18 2023-12-08T02:28:29Z current 2021-05-30T13:19:40Z 2023-12-08T02:28:29Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2014-1878 Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and earlier, and Icinga before 1.8.6, 1.9 before 1.9.5, and 1.10 before 1.10.3 allows remote attackers to cause a denial of service (segmentation fault) via a long message to cmd.cgi. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2014-April/000802.html E-Mail link for SUSE-SU-2014:0570-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 11 SP1-TERADATA SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 openSUSE Tumbleweed nagios-3.0.6-1.25.36.1 nagios-4.4.6-2.5 nagios-contrib-4.4.6-2.5 nagios-devel-3.0.6-1.25.36.1 nagios-devel-4.4.6-2.5 nagios-theme-exfoliation-4.4.6-2.5 nagios-www-3.0.6-1.25.36.1 nagios-www-4.4.6-2.5 nagios-www-dch-4.4.6-2.5 nagios-3.0.6-1.25.36.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA nagios-www-3.0.6-1.25.36.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA nagios-3.0.6-1.25.36.1 as a component of SUSE Linux Enterprise Server 11 SP3 nagios-www-3.0.6-1.25.36.1 as a component of SUSE Linux Enterprise Server 11 SP3 nagios-3.0.6-1.25.36.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA nagios-www-3.0.6-1.25.36.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA nagios-3.0.6-1.25.36.1 as a component of SUSE Linux Enterprise Server 11 SP4 nagios-www-3.0.6-1.25.36.1 as a component of SUSE Linux Enterprise Server 11 SP4 nagios-3.0.6-1.25.36.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 nagios-www-3.0.6-1.25.36.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 nagios-3.0.6-1.25.36.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 nagios-devel-3.0.6-1.25.36.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 nagios-www-3.0.6-1.25.36.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 nagios-3.0.6-1.25.36.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 nagios-devel-3.0.6-1.25.36.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 nagios-www-3.0.6-1.25.36.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 nagios-4.4.6-2.5 as a component of openSUSE Tumbleweed nagios-contrib-4.4.6-2.5 as a component of openSUSE Tumbleweed nagios-devel-4.4.6-2.5 as a component of openSUSE Tumbleweed nagios-theme-exfoliation-4.4.6-2.5 as a component of openSUSE Tumbleweed nagios-www-4.4.6-2.5 as a component of openSUSE Tumbleweed nagios-www-dch-4.4.6-2.5 as a component of openSUSE Tumbleweed Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and earlier, and Icinga before 1.8.6, 1.9 before 1.9.5, and 1.10 before 1.10.3 allows remote attackers to cause a denial of service (segmentation fault) via a long message to cmd.cgi. CVE-2014-1878 SUSE Linux Enterprise Server 11 SP1-TERADATA:nagios-3.0.6-1.25.36.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:nagios-www-3.0.6-1.25.36.1 SUSE Linux Enterprise Server 11 SP3:nagios-3.0.6-1.25.36.1 SUSE Linux Enterprise Server 11 SP3:nagios-www-3.0.6-1.25.36.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:nagios-3.0.6-1.25.36.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:nagios-www-3.0.6-1.25.36.1 SUSE Linux Enterprise Server 11 SP4:nagios-3.0.6-1.25.36.1 SUSE Linux Enterprise Server 11 SP4:nagios-www-3.0.6-1.25.36.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:nagios-3.0.6-1.25.36.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:nagios-www-3.0.6-1.25.36.1 SUSE Linux Enterprise Software Development Kit 11 SP3:nagios-3.0.6-1.25.36.1 SUSE Linux Enterprise Software Development Kit 11 SP3:nagios-devel-3.0.6-1.25.36.1 SUSE Linux Enterprise Software Development Kit 11 SP3:nagios-www-3.0.6-1.25.36.1 SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-3.0.6-1.25.36.1 SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel-3.0.6-1.25.36.1 SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-www-3.0.6-1.25.36.1 openSUSE Tumbleweed:nagios-4.4.6-2.5 openSUSE Tumbleweed:nagios-contrib-4.4.6-2.5 openSUSE Tumbleweed:nagios-devel-4.4.6-2.5 openSUSE Tumbleweed:nagios-theme-exfoliation-4.4.6-2.5 openSUSE Tumbleweed:nagios-www-4.4.6-2.5 openSUSE Tumbleweed:nagios-www-dch-4.4.6-2.5 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P