Launchpad CVE tracker

CVE 2007-5198

Buffer overflow in the redir function in check_http.c in Nagios Plugins before 1.4.10, when running with the -f (follow) option, allows remote web servers to execute arbitrary code via Location header responses (redirects) with a large number of leading "L" characters.

Related bugs and status

CVE-2007-5198 (Candidate) is related to these bugs:

Bug #152624: Buffer overflow in check_http.c (CVE-2007-5198)

		In	Importance	Status
152624	Buffer overflow in check_http.c (CVE-2007-5198)	nagios-plugins (Ubuntu)	Undecided	Fix Released
152624	Buffer overflow in check_http.c (CVE-2007-5198)	nagios-plugins (Ubuntu Edgy)	Undecided	Fix Released
152624	Buffer overflow in check_http.c (CVE-2007-5198)	nagios-plugins (Ubuntu Feisty)	Undecided	Fix Released
152624	Buffer overflow in check_http.c (CVE-2007-5198)	nagios-plugins (Ubuntu Dapper)	Undecided	Fix Released

Bug #158859: Merge nagios-plugins 1.4.8-2.2 from Debian unstable

Summary				In	Importance	Status
	158859	Merge nagios-plugins 1.4.8-2.2 from Debian unstable		nagios-plugins (Ubuntu)	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2007-5198

References