Red Hat Bugzilla – Bug 190612
CVE-2006-2162 nagios buffer overflow
Last modified: 2007-11-30 17:11:31 EST
Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before
2.3 allows remote attackers to execute arbitrary code via a negative
content length (Content-Length) HTTP header.
It should be noted that apache 2 will not allow this condition to happen.
Thanks for the heads up. I've sent the 2.3 update to buildsys and it should be