[seanius at debian.org: Re: CVE-2006-2162: Buffer overflow in nagios]

sean finney seanius at seanius.net
Fri May 12 11:48:56 CEST 2006


hey ethan,

On Thu, May 11, 2006 at 02:17:14PM -0500, Ethan Galstad wrote:
> If the packet is greater than INT_MAX in size, then yes, the integer 
> would probably overflow and result in a negative size. The patch to the 
> Nagios CGI handles negative values for the Content-Length, so unless I'm 
> missing something, we should be okay.  Someone please chime in if you 
> believe otherwise.

try setting Content-Length to INT_MAX-1.  because later:

      if(!(cgiinput=(char *)malloc(content_length+1))){


	sean
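
A bounded way to parse Content-Length before the `malloc(content_length+1)` call quoted above, as an added example that is not part of the original message or of the Nagios source; `parse_content_length`, `alloc_post_buffer` and the 64 KiB `MAX_POST_BYTES` cap are assumptions. A value such as INT_MAX-1 is positive and passes a negative-only check, so the parser enforces an upper bound as well.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumed policy cap for a CGI POST body; not a value taken from Nagios. */
#define MAX_POST_BYTES (64L * 1024L)

/* Parse a Content-Length value. Returns 0 and sets *out on success; -1 if
 * empty, non-numeric, negative, out of range, or above MAX_POST_BYTES. */
int parse_content_length(const char *value, size_t *out)
{
    char *end = NULL;
    long n;

    if (value == NULL || *value == '\0')
        return -1;
    errno = 0;
    n = strtol(value, &end, 10);
    if (errno == ERANGE || end == value || *end != '\0')
        return -1;              /* overflowed long, no digits, or trailing junk */
    if (n < 0 || n > MAX_POST_BYTES)
        return -1;              /* a sign check alone is not enough */
    *out = (size_t)n;
    return 0;
}

/* Allocate a zeroed, NUL-terminated body buffer; the +1 happens in size_t
 * after the cap check, so it cannot wrap. Returns NULL on a rejected value. */
char *alloc_post_buffer(const char *header)
{
    size_t len;

    if (parse_content_length(header, &len) != 0)
        return NULL;
    return calloc(len + 1, 1);
}

int main(void)
{
    /* Constructed sample header values; the second is INT_MAX-1 for 32-bit int. */
    const char *samples[] = { "1024", "2147483646", "2147483647", "-1", "12abc" };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        char *buf = alloc_post_buffer(samples[i]);
        printf("%-12s -> %s\n", samples[i], buf ? "accepted" : "rejected");
        free(buf);
    }
    return 0;
}
```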