PT-2014-3287 · Nagios+2 · Nagios Core+2

Published: 2014-01-14 · Updated: 2018-12-25 · CVE-2013-7205

CVSS v2.0: 6.4 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P

Name of the Vulnerable Software and Affected Versions: Nagios Core versions 3.5.1, 4.0.2, and earlier

Description: The issue is an off-by-one error in the process_cgivars function. A long string in the last key value in the variable list triggers a heap-based buffer over-read. As a result, remote authenticated users may obtain sensitive information from process memory or cause a denial of service (crash).

Recommendations: For Nagios Core versions 3.5.1, 4.0.2, and earlier, consider updating to a newer version to mitigate the risk. The available information does not identify a specific version that contains a fix for this vulnerability.

Exploit

DoS

Buffer Overflow

Weakness Enumeration

Related identifiers

ALT-PU-2017-2354
CVE-2013-7205
DLA-1615-1
MGASA-2014-0010
USN-3253-1
USN-3253-2

Affected products

Alt Linux
Nagios Core
Ubuntu