fkie_cve-2013-7106
Vulnerability from fkie_nvd
Published
2014-01-15 16:08
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple stack-based buffer overflows in Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long string to the (1) display_nav_table, (2) page_limit_selector, (3) print_export_link, or (4) page_num_selector function in cgi/cgiutils.c; (5) status_page_num_selector function in cgi/status.c; or (6) display_command_expansion function in cgi/config.c. NOTE: this can be exploited without authentication by leveraging CVE-2013-7107.
References
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2013/12/16/4
cve@mitre.orghttps://dev.icinga.org/issues/5250
cve@mitre.orghttps://www.icinga.org/2013/12/17/icinga-security-releases-1-10-2-1-9-4-1-8-5/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2013/12/16/4
af854a3a-2127-422b-91ae-364da2661108https://dev.icinga.org/issues/5250
af854a3a-2127-422b-91ae-364da2661108https://www.icinga.org/2013/12/17/icinga-security-releases-1-10-2-1-9-4-1-8-5/Vendor Advisory
Impacted products
Vendor Product Version
icinga icinga *
icinga icinga 0.8.0
icinga icinga 0.8.1
icinga icinga 0.8.2
icinga icinga 0.8.3
icinga icinga 0.8.4
icinga icinga 1.0
icinga icinga 1.0
icinga icinga 1.0.1
icinga icinga 1.0.2
icinga icinga 1.0.3
icinga icinga 1.2.0
icinga icinga 1.2.1
icinga icinga 1.3.0
icinga icinga 1.3.1
icinga icinga 1.4.0
icinga icinga 1.4.1
icinga icinga 1.6.0
icinga icinga 1.6.1
icinga icinga 1.6.2
icinga icinga 1.7.0
icinga icinga 1.7.1
icinga icinga 1.7.2
icinga icinga 1.7.3
icinga icinga 1.7.4
icinga icinga 1.8.0
icinga icinga 1.8.1
icinga icinga 1.8.2
icinga icinga 1.8.3
icinga icinga 1.9.0
icinga icinga 1.9.1
icinga icinga 1.9.2
icinga icinga 1.9.3
icinga icinga 1.10.0
icinga icinga 1.10.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:icinga:icinga:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BD88897-2A40-4127-B8B6-A4DEAF4BE166",
              "versionEndIncluding": "1.8.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D65D942-0560-42B0-BAF8-D6B8C4237558",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CF3E50F-0DF1-44C1-9E7D-E3AE9BBAC5C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F87DFD18-B038-4E18-889A-FCADDC7E9C23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:0.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9B482D1-BB5D-41CC-A330-214F1EC9BD43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EB99BAF-6CF9-4F61-A86B-91F4DAE20F58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B65BD554-2D66-4237-8829-EC5CFD374E4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "51CBC3F4-EB90-462D-B840-71DB9E8E3667",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "719B37F6-4D3A-4922-B58D-536A775D42D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7890303A-21C3-47B8-86AF-1B07A01C9AE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CED3BF83-92C3-4324-BC6E-722309A8787B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5F7F451-E7AA-4C84-874D-7C7E5C162DEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5250AED-B86C-4415-A274-7DD9659F40D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6E333C3-C264-41C9-B358-97A3F62C649D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEAD9B4E-66B1-4E82-8A6F-B46A4F0A61D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0166CAEF-0126-4B6E-BE57-5398375C17EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "11406052-8C4C-4CA4-9A73-82135D236741",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29CC0581-0AE1-43FE-8F98-CB2E7204A7E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "246A0425-A4D6-478D-AADB-07A0D3610FED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D7488AD-C2CA-491E-B4E4-322A275EE13A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "01476892-42B5-44F6-91D2-8C9F680A2F02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A830CEA4-06F7-46FB-8216-0D18796F7BF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB9B0C24-D65D-4406-B5F7-5EA60F701872",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5260A6FA-C393-4AD5-B5C8-73616F21FEA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "94C19BC7-55B5-4D0D-96CC-1C9C40F7829F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C1DE372-E2A4-4C4B-B85C-104D84696090",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2B3410C-6FF8-4485-AC06-BBA15A4BC9E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F6ACDE-05A0-4688-97FF-EB4C23E8F52D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6333E91A-6315-437C-A600-0B824976FBB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8BCA88C-5AA9-4C0D-9FA3-80BA8FBBD521",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "821C9240-E41E-4BCC-910E-63304F8E3790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADFD2677-6BF6-4985-B915-A9395B4A620E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCF96645-E8B6-443A-8761-6F879042F689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "21460019-53D0-440D-A0A6-4B778B478B4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:icinga:icinga:1.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30895AD2-198A-4329-9987-347AABDD7C10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple stack-based buffer overflows in Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long string to the (1) display_nav_table, (2) page_limit_selector, (3) print_export_link, or (4) page_num_selector function in cgi/cgiutils.c; (5) status_page_num_selector function in cgi/status.c; or (6) display_command_expansion function in cgi/config.c.  NOTE: this can be exploited without authentication by leveraging CVE-2013-7107."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de buffer basados en pila en Icinga anteriores a 1.8.5, 1.9 anteriores a 1.9.4, y 1.10 anteriores a 1.10.2 permite a atacantes autenticados remotamente causar denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cadena larga a las funciones en cgi/cgiutils.c (1) display_nav_table, (2) page_limit_selector, (3) print_export_link, o (4) page_num_selector; (5) la funci\u00f3n status_page_num_selector en cgi/status.c; o (6) la funci\u00f3n display_command_expansion en cgi/config.c. NOTA: este problema puede ser explotado sin autenticaci\u00f3n aprovechando la vulnerabilidad CVE-2013-7107."
    }
  ],
  "id": "CVE-2013-7106",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-01-15T16:08:03.877",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2013/12/16/4"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://dev.icinga.org/issues/5250"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.icinga.org/2013/12/17/icinga-security-releases-1-10-2-1-9-4-1-8-5/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2013/12/16/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://dev.icinga.org/issues/5250"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.icinga.org/2013/12/17/icinga-security-releases-1-10-2-1-9-4-1-8-5/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.