Nagios NRPE 3.2.1 has a Heap-Based Buffer Overflow, as demonstrated by interpretation of a small negative number as a large positive number during a bzero call.
When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Remote_plug_in_executor | Nagios | 3.2.1 (including) | 3.2.1 (including) |