Oh, I forgot my nagios-plugins package version:
nagios-plugins-1.4.4-1.el4.rf from same DAG repo on CentOS 4.4

:)


On 11/22/06, David McDowell <[EMAIL PROTECTED]> wrote:
I am running nagios-2.5-1.el4.rf version from DAG repo on CentOS 4.4.
I ran across this only because I forgot to set up my good username and
password in my /etc/nagios/resources.cfg file for this plugin to use.
Scenario 2 is a result of that *oops* if you fake the oops on the
command line and is the important one to focus on.  Does this leave
open the potential for a buffer overflow?  If so, I suppose I should
report it.  I wanted to share with others first for more input.
Notice the 2nd part of Result 2 still returns green OK to nagios; this
can't be by design, can it?

Scenario 1:  submit bad username and bad password

[EMAIL PROTECTED] plugins]# ./check_http -H 192.168.1.61 -S -a badfoo:badbar
HTTP WARNING: HTTP/1.1 401 Authorization Required

Result 1:  works as expected

Scenario 2:  forget to set up the user argument resources in
/etc/nagios/resource.cfg and then you get this:

[EMAIL PROTECTED] plugins]# ./check_http -H 192.168.1.61 -S -a :
Segmentation fault

Result 2:  uh oh, could this leave room for a buffer overflow attack?
I'm not sure this should be segmentation faulting.  Also, "No Output!"
is the message returned to nagios and the service is left green OK as
if nothing is wrong with it.

Scenario 3:  correctly set up /etc/nagios/resources.cfg with good
username and password

[EMAIL PROTECTED] plugins]# ./check_http -H 192.168.1.61 -S -a goodfoo:goodbar
HTTP OK HTTP/1.1 200 OK - 11174 bytes in 0.096 seconds |time=0.096014s;;;0.000000 size=11174B;;;0

Result 3:  works as expected


I hope I've included enough info.  If anyone has immediate direct
contact with any of the nagios folks, this might be a good one to
share with them right away.  If anyone else is so inclined, can you
also reproduce this error?  I can reproduce this same error/results
with nagios-2.4-1.el4.rf from DAG repo as well.

thanks,
David McD

--
TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ  : http://trilug.org/faq/
TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
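
One way to keep the Scenario 2 failure from showing up as a healthy service, as an added example that is not part of the original post or of nagios-plugins: a POSIX shell wrapper that refuses an empty `-a` pair and maps a signal death or missing output to UNKNOWN (exit 3). The function names `creds_ok` and `safe_check` are hypothetical.

```shell
#!/bin/sh
# Added example, not part of the original post. Function names are hypothetical.
# Nagios plugin exit codes: 0 OK, 1 WARNING, 2 CRITICAL, 3 UNKNOWN.

# creds_ok USER:PASS -> succeeds only when both halves are non-empty.
creds_ok() {
    case "$1" in
        *:*) ;;
        *) return 1 ;;
    esac
    user=${1%%:*}
    pass=${1#*:}
    [ -n "$user" ] && [ -n "$pass" ]
}

# safe_check PLUGIN [ARGS...] -> prints one status line, returns 0..3.
safe_check() {
    prev=""
    for arg in "$@"; do
        # Refuse to run the plugin at all with an empty -a pair such as ":".
        if [ "x$prev" = "x-a" ] && ! creds_ok "$arg"; then
            echo "UNKNOWN: empty username or password given to -a"
            return 3
        fi
        prev=$arg
    done
    rc=0
    out=$("$@" 2>&1) || rc=$?
    # The shell reports death by signal N as 128+N (SIGSEGV is 11, so 139).
    if [ "$rc" -gt 128 ]; then
        echo "UNKNOWN: plugin killed by signal $((rc - 128))"
        return 3
    fi
    # Anything outside 0..3, or a run with no status line, is not a result.
    if [ "$rc" -gt 3 ] || [ -z "$out" ]; then
        echo "UNKNOWN: plugin exit code $rc, output: ${out:-none}"
        return 3
    fi
    echo "$out"
    return "$rc"
}

# When saved as a script, wrap whatever plugin command line is passed in.
if [ "$#" -gt 0 ]; then safe_check "$@"; fi
```

Saved as a script, it takes the full plugin command line as its arguments, so the check command can call the wrapper in place of the plugin.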
