7.5

CVE-2006-2489

Integer overflow in CGI scripts in Nagios 1.x before 1.4.1 and 2.x before 2.3.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a content length (Content-Length) HTTP header.  NOTE: this is a different vulnerability than CVE-2006-2162.

Data is provided by the National Vulnerability Database (NVD)
NagiosNagios Version1.0
NagiosNagios Version1.0b1
NagiosNagios Version1.0b2
NagiosNagios Version1.0b3
NagiosNagios Version1.0b4
NagiosNagios Version1.0b5
NagiosNagios Version1.0b6
NagiosNagios Version1.1
NagiosNagios Version1.2
NagiosNagios Version1.3
NagiosNagios Version1.4
NagiosNagios Version2.0
NagiosNagios Version2.0b1
NagiosNagios Version2.0b2
NagiosNagios Version2.0b3
NagiosNagios Version2.0b4
NagiosNagios Version2.0b5
NagiosNagios Version2.0b6
NagiosNagios Version2.0rc1
NagiosNagios Version2.0rc2
NagiosNagios Version2.1
NagiosNagios Version2.2
NagiosNagios Version2.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 1.92% 0.825
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P