Published: 12/07/2018 Updated: 11/04/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

qh_core in Nagios Core 4.4.1 and previous versions is prone to a NULL pointer dereference vulnerability, which allows malicious users to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nagios nagios core

Debian Bug report logs - #917160 nagios4: CVE-2018-13441 CVE-2018-13457 CVE-2018-13458 Package: src:nagios4; Maintainer for src:nagios4 is Russell Stuart <russell-debian@stuartidau>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 23 Dec 2018 13:21:02 UTC Severity: grave Tags: patch, security, upst ...

# Exploit Title: Nagios Core Multiple Local Denial of Service # Date: 2018-07-09 # Exploit Author: Fakhri Zulkifli (@d0lph1n98) # Vendor Homepage: wwwnagiosorg/ # Software Link: wwwnagiosorg/downloads/nagios-core/ # Version: 441 and earlier # Tested on: 441 qh_core, qh_help, and qh_echo in Nagios Core 441 and earlier is ...

Nagios Core versions 441 and below suffer from a denial of service vulnerability ...

CWE-476 https://gist.github.com/fakhrizulkifli/40f3daf52950cca6de28ebec2498ff6e https://www.exploit-db.com/exploits/45082/https://knowledge.opsview.com/v5.4/docs/whats-new https://knowledge.opsview.com/v5.3/docs/whats-new http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00022.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917160 https://nvd.nist.gov https://www.exploit-db.com/exploits/45082/

CVE-2018-13458

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect