Cyrax

**Name of the Vulnerable Software and Affected Versions** Nagios Core versions prior to 3.4.4 Icinga versions 1.6.x prior to 1.6.2 Icinga versions 1.7.x prior to 1.7.4 Icinga versions 1.8.x prior to 1.8.4 **Description** The issue is related to multiple stack-based buffer overflows in the get history function in history.cgi. This might allow remote attackers to execute arbitrary code via a long `host name` variable (host parameter) or `svc description` variable. **Recommendations** For Nagios Core versions prior to 3.4.4, update to version 3.4.4 or later. For Icinga versions 1.6.x prior to 1.6.2, update to version 1.6.2 or later. For Icinga versions 1.7.x prior to 1.7.4, update to version 1.7.4 or later. For Icinga versions 1.8.x prior to 1.8.4, update to version 1.8.4 or later.