OVAL Reference oval:org.opensuse.security:def:20137108

Oval Definition:

oval:org.opensuse.security:def:20137108

Revision Date:	2022-06-30	Version:	1
Title:	CVE-2013-7108
Description:	Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, and Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long string in the last key value in the variable list to the process_cgivars function in (1) avail.c, (2) cmd.c, (3) config.c, (4) extinfo.c, (5) histogram.c, (6) notifications.c, (7) outages.c, (8) status.c, (9) statusmap.c, (10) summary.c, and (11) trends.c in cgi/, which triggers a heap-based buffer over-read.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2013-7108 Mitre CVE-2013-7108 SUSE CVE-2013-7108 openSUSE-SU-2014:0016-1 openSUSE-SU-2014:0016-1 openSUSE-SU-2014:0039-1 openSUSE-SU-2014:0039-1 openSUSE-SU-2014:0069-1 openSUSE-SU-2014:0069-1 openSUSE-SU-2014:0097-1 openSUSE-SU-2014:0097-1 SUSE-SU-2014:0156-1 SUSE-SU-2014:0156-1
Platform(s):	openSUSE 12.2 Update openSUSE 12.3 Update openSUSE 13.1 openSUSE Leap 42.1 openSUSE Leap 42.2 openSUSE Leap 42.3 openSUSE Tumbleweed SUSE CORE 9 for AMD64 and Intel EM64T SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Server 11 SP1 for Teradata SUSE Linux Enterprise Server 11 SP1-TERADATA SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 SP2 SUSE Linux Enterprise Server for SAP Applications 11 SP3 SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Teradata 10 SP3 for AMD64 and Intel EM64T	Product(s):
Definition Synopsis
openSUSE Leap 42.1 is installed AND Package Information monitoring-tools-1.13.3-1.5 is installed AND monitoring-tools is signed with openSUSE key
Definition Synopsis
openSUSE Leap 42.2 is installed AND Package Information monitoring-tools-1.13.3-2.41 is installed AND monitoring-tools is signed with openSUSE key
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information nagios-3.0.6-1.25.34 is installed OR nagios-www-3.0.6-1.25.34 is installed
Definition Synopsis
openSUSE 13.1 is installed AND Package Information icinga-1.10.2-4.6.1 is installed OR icinga-devel-1.10.2-4.6.1 is installed OR icinga-doc-1.10.2-4.6.1 is installed OR icinga-idoutils-1.10.2-4.6.1 is installed OR icinga-idoutils-mysql-1.10.2-4.6.1 is installed OR icinga-idoutils-oracle-1.10.2-4.6.1 is installed OR icinga-idoutils-pgsql-1.10.2-4.6.1 is installed OR icinga-plugins-downtimes-1.10.2-4.6.1 is installed OR icinga-plugins-eventhandlers-1.10.2-4.6.1 is installed OR icinga-www-1.10.2-4.6.1 is installed OR monitoring-tools-1.10.2-4.6.1 is installed OR nagios-3.5.1-3.5.1 is installed OR nagios-devel-3.5.1-3.5.1 is installed OR nagios-www-3.5.1-3.5.1 is installed OR nagios-www-dch-3.5.1-3.5.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP2 is installed AND nagios-3.0.6-1.25.34 is installed OR nagios-www-3.0.6-1.25.34 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3 is installed AND nagios-3.0.6-1.25.34 is installed OR nagios-www-3.0.6-1.25.34 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed AND nagios-3.0.6-1.25.36 is installed OR nagios-www-3.0.6-1.25.36 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND nagios-3.0.6-1.25.34 is installed OR nagios-www-3.0.6-1.25.34 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND nagios-3.0.6-1.25.34 is installed OR nagios-www-3.0.6-1.25.34 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP2 is installed AND nagios-3.0.6-1.25.34.1 is installed OR nagios-www-3.0.6-1.25.34.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3 is installed AND nagios-3.0.6-1.25.34.1 is installed OR nagios-www-3.0.6-1.25.34.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND nagios-3.0.6-1.25.34.1 is installed OR nagios-www-3.0.6-1.25.34.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND nagios-3.0.6-1.25.34.1 is installed OR nagios-www-3.0.6-1.25.34.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP2 is installed AND nagios-3.0.6-1.25.34.1 is installed OR nagios-www-3.0.6-1.25.34.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3 is installed AND nagios-3.0.6-1.25.34.1 is installed OR nagios-www-3.0.6-1.25.34.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed AND nagios-3.0.6-1.25.36.1 is installed OR nagios-www-3.0.6-1.25.36.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND nagios-3.0.6-1.25.34.1 is installed OR nagios-www-3.0.6-1.25.34.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND nagios-3.0.6-1.25.34.1 is installed OR nagios-www-3.0.6-1.25.34.1 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND nagios-3.0.6-1.25.34.1 is installed OR nagios-devel-3.0.6-1.25.34.1 is installed OR nagios-www-3.0.6-1.25.34.1 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND nagios-3.0.6-1.25.34.1 is installed OR nagios-devel-3.0.6-1.25.34.1 is installed OR nagios-www-3.0.6-1.25.34.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP2 is installed AND nagios-3.0.6-1.25.34 is installed OR nagios-www-3.0.6-1.25.34 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3 is installed AND nagios-3.0.6-1.25.34 is installed OR nagios-www-3.0.6-1.25.34 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed AND nagios-3.0.6-1.25.36 is installed OR nagios-www-3.0.6-1.25.36 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND nagios-3.0.6-1.25.34 is installed OR nagios-www-3.0.6-1.25.34 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND nagios-3.0.6-1.25.34 is installed OR nagios-www-3.0.6-1.25.34 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND nagios-3.0.6-1.25.34 is installed OR nagios-devel-3.0.6-1.25.34 is installed OR nagios-www-3.0.6-1.25.34 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND nagios-3.0.6-1.25.34 is installed OR nagios-devel-3.0.6-1.25.34 is installed OR nagios-www-3.0.6-1.25.34 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND nagios-3.0.6-1.25.36 is installed OR nagios-devel-3.0.6-1.25.36 is installed OR nagios-www-3.0.6-1.25.36 is installed
Definition Synopsis
openSUSE Leap 42.3 is installed AND Package Information monitoring-tools-1.14.0-7 is installed AND monitoring-tools is signed with openSUSE key
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP4 is installed AND nagios-3.0.6-1.25.36 is installed OR nagios-www-3.0.6-1.25.36 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND nagios-3.0.6-1.25.36 is installed OR nagios-devel-3.0.6-1.25.36 is installed OR nagios-www-3.0.6-1.25.36 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP2 is installed OR SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND nagios-3.0.6-1.25.34 is installed OR nagios-devel-3.0.6-1.25.34 is installed OR nagios-www-3.0.6-1.25.34 is installed OR Package Information SUSE Linux Enterprise Server 11 SP2 is installed OR SUSE Linux Enterprise Server 11 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3 is installed OR SUSE Linux Enterprise Server for VMWare 11 SP2 is installed OR SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND nagios-3.0.6-1.25.34 is installed OR nagios-www-3.0.6-1.25.34 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP4 is installed AND nagios-3.0.6-1.25.36 is installed OR nagios-www-3.0.6-1.25.36 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND nagios-3.0.6-1.25.36 is installed OR nagios-devel-3.0.6-1.25.36 is installed OR nagios-www-3.0.6-1.25.36 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND nagios-3.0.6-1.25.36 is installed OR nagios-devel-3.0.6-1.25.34 is installed OR nagios-www-3.0.6-1.25.36 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND nagios-3.0.6-1.25.34 is installed OR nagios-devel-3.0.6-1.25.34 is installed OR nagios-www-3.0.6-1.25.34 is installed OR Package Information SUSE Linux Enterprise Server 11 SP1-TERADATA is installed OR SUSE Linux Enterprise Server 11 SP2 is installed OR SUSE Linux Enterprise Server 11 SP3 is installed OR SUSE Linux Enterprise Server 11 SP3-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA is installed OR SUSE Linux Enterprise Server for VMWare 11 SP2 is installed OR SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND nagios-3.0.6-1.25.34 is installed OR nagios-www-3.0.6-1.25.34 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3 is installed OR SUSE Linux Enterprise Server 11 SP3-TERADATA is installed AND Package Information nagios-3.0.6-1.25.34 is installed OR nagios-www-3.0.6-1.25.34 is installed
Definition Synopsis
openSUSE Tumbleweed is installed AND Package Information icinga-1.13.3-2.4 is installed OR icinga-devel-1.13.3-2.4 is installed OR icinga-doc-1.13.3-2.4 is installed OR icinga-idoutils-1.13.3-2.4 is installed OR icinga-idoutils-mysql-1.13.3-2.4 is installed OR icinga-idoutils-oracle-1.13.3-2.4 is installed OR icinga-idoutils-pgsql-1.13.3-2.4 is installed OR icinga-plugins-downtimes-1.13.3-2.4 is installed OR icinga-plugins-eventhandlers-1.13.3-2.4 is installed OR icinga-www-1.13.3-2.4 is installed OR icinga-www-config-1.13.3-2.4 is installed OR monitoring-tools-1.13.3-2.4 is installed OR nagios-4.4.6-2.5 is installed OR nagios-contrib-4.4.6-2.5 is installed OR nagios-devel-4.4.6-2.5 is installed OR nagios-theme-exfoliation-4.4.6-2.5 is installed OR nagios-www-4.4.6-2.5 is installed OR nagios-www-dch-4.4.6-2.5 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP4 is installed AND nagios-3.0.6-1.25.36.1 is installed OR nagios-www-3.0.6-1.25.36.1 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND nagios-3.0.6-1.25.36.1 is installed OR nagios-devel-3.0.6-1.25.36.1 is installed OR nagios-www-3.0.6-1.25.36.1 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND nagios-3.0.6-1.25.34.1 is installed OR nagios-devel-3.0.6-1.25.34.1 is installed OR nagios-www-3.0.6-1.25.34.1 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND nagios-3.0.6-1.25.36.1 is installed OR nagios-devel-3.0.6-1.25.34.1 is installed OR nagios-www-3.0.6-1.25.36.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP1-TERADATA is installed OR SUSE Linux Enterprise Server 11 SP2 is installed OR SUSE Linux Enterprise Server 11 SP3 is installed OR SUSE Linux Enterprise Server 11 SP3-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3 is installed AND nagios-3.0.6-1.25.34.1 is installed OR nagios-www-3.0.6-1.25.34.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP4 is installed AND nagios-3.0.6-1.25.36.1 is installed OR nagios-www-3.0.6-1.25.36.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP1-TERADATA is installed OR SUSE Linux Enterprise Server 11 SP2 is installed OR SUSE Linux Enterprise Server 11 SP3 is installed OR SUSE Linux Enterprise Server 11 SP3-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3 is installed AND nagios-3.0.6-1.25.34.1 is installed OR nagios-www-3.0.6-1.25.34.1 is installed

BACK