Package: nagios-plugins
Version: 1.4.8-2.1
Severity: important
The security fix for nagios-plugins (1.4.8-2.1) does not contain the complete
fix for CVE-2007-5198. Relevant svn commits are r1740, r1742 and r1807. It
appears that the patch contains the fixes for r1740 and r1742, but not r1807.
Please see:
http://sourceforge.net/tracker/index.php?func=detail&aid=1813346&group_id=29880&atid=397597
Attached is the svn commit for this issue.
-- System Information:
Debian Release: lenny/sid
APT prefers gutsy-updates
APT policy: (500, 'gutsy-updates'), (500, 'gutsy-security'), (500, 'gutsy')
Architecture: i386 (i686)
Kernel: Linux 2.6.22-14-386
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Index: nagiosplug/trunk/plugins/check_http.c
===================================================================
--- nagiosplug/trunk/plugins/check_http.c (revision 1806)
+++ nagiosplug/trunk/plugins/check_http.c (revision 1807)
@@ -1062,7 +1062,6 @@
/* per RFC 2396 */
-#define HDR_LOCATION "%*[Ll]%*[Oo]%*[Cc]%*[Aa]%*[Tt]%*[Ii]%*[Oo]%*[Nn]: "
#define URI_HTTP "%5[HTPShtps]"
#define URI_HOST "%255[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
#define URI_PORT "%6d" /* MAX_PORT's width is 5 chars, 6 to detect overflow */
@@ -1092,7 +1091,7 @@
die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate url\n"));
while (pos) {
- sscanf (pos, "%[Ll]%*[Oo]%*[Cc]%*[Aa]%*[Tt]%*[Ii]%*[Oo]%*[Nn]:%n", xx, &i);
+ sscanf (pos, "%1[Ll]%*1[Oo]%*1[Cc]%*1[Aa]%*1[Tt]%*1[Ii]%*1[Oo]%*1[Nn]:%n", xx, &i);
if (i == 0) {
pos += (size_t) strcspn (pos, "\r\n");
pos += (size_t) strspn (pos, "\r\n");
