CVE-2013-7106
Published 2014-01-15
Priority P335 · medium · 6.5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
EPSS: 2.54% (83.0th percentile)
Multiple stack-based buffer overflows in Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long string to the (1) display_nav_table, (2) page_limit_selector, (3) print_export_link, or (4) page_num_selector function in cgi/cgiutils.c; (5) status_page_num_selector function in cgi/status.c; or (6) display_command_expansion function in cgi/config.c. NOTE: this can be exploited without authentication by leveraging CVE-2013-7107.
Affected
40 ranges · showing 25 (only the two rows below carry version data; the remaining shown rows list vendor and product only)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| icinga | icinga | <= 1.8.4 | — |
| icinga | icinga | <= 1.10.2 | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 2.0 | 6.5 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
| osv | — | 6.5 | MEDIUM | — |
GHSA
GHSA-967x-cpx9-7xr2 (CVE-2013-7107, MEDIUM, CWE-352) · ghsa_unreviewed · 2022-05-17 · CVSS 6.5
Cross-site request forgery (CSRF) vulnerability in cmd.cgi in Icinga 1.8.5, 1.9.4, 1.10.2, and earlier allows remote attackers to hijack the authentication of users for unspecified commands via unspecified vectors, as demonstrated by bypassing authentication requirements for CVE-2013-7106.
GHSA
GHSA-8g54-hg6f-wpv7 (CVE-2013-7106, MEDIUM, CWE-119) · ghsa_unreviewed · 2022-05-17 · CVSS 6.8
Description identical to the main CVE-2013-7106 entry above.
OSV
CVE-2013-7107 (MEDIUM) · osv · 2014-01-15 · CVSS 6.5
Description identical to the GHSA-967x-cpx9-7xr2 entry above.
OSV
CVE-2013-7106 (MEDIUM) · osv · 2014-01-15 · CVSS 6.5
Description identical to the main CVE-2013-7106 entry above.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
http://www.openwall.com/lists/oss-security/2013/12/16/4
https://dev.icinga.org/issues/5250
https://www.icinga.org/2013/12/17/icinga-security-releases-1-10-2-1-9-4-1-8-5/