CVE-2018-13441 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2018-13441 Interim 1 29 2025-02-17T02:43:50Z current 2021-05-30T14:14:56Z 2025-02-17T02:43:50Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2018-13441 qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HKTKWPRP5BSNBXHHJ3JC2CHRRZALRC26/ E-Mail link for openSUSE-SU-2020:0500-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/G5J75GK25DTTK4SXS4VCSBZ3KBQ2JPAU/ E-Mail link for openSUSE-SU-2020:0517-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 11 SP1 for Teradata SUSE Linux Enterprise Server 11 SP3 LTSS SUSE Linux Enterprise Server 11 SP3 for Teradata SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 11 SP4-LTSS SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Bootstrap Kit 12 SUSE Package Hub 15 SP1 openSUSE Leap 15.1 openSUSE Tumbleweed nagios nagios-4.4.5-bp151.4.3.1 nagios-4.4.5-lp151.5.4.1 nagios-4.4.6-2.5 nagios-contrib-4.4.5-bp151.4.3.1 nagios-contrib-4.4.5-lp151.5.4.1 nagios-contrib-4.4.6-2.5 nagios-devel nagios-devel-4.4.5-bp151.4.3.1 nagios-devel-4.4.5-lp151.5.4.1 nagios-devel-4.4.6-2.5 nagios-theme-exfoliation-4.4.5-bp151.4.3.1 nagios-theme-exfoliation-4.4.5-lp151.5.4.1 nagios-theme-exfoliation-4.4.6-2.5 nagios-www nagios-www-4.4.5-bp151.4.3.1 nagios-www-4.4.5-lp151.5.4.1 nagios-www-4.4.6-2.5 nagios-www-dch-4.4.5-bp151.4.3.1 nagios-www-dch-4.4.5-lp151.5.4.1 nagios-www-dch-4.4.6-2.5 nagios-4.4.5-bp151.4.3.1 as a component of SUSE Package Hub 15 SP1 nagios-contrib-4.4.5-bp151.4.3.1 as a component of SUSE Package Hub 15 SP1 nagios-devel-4.4.5-bp151.4.3.1 as a component of SUSE Package Hub 15 SP1 nagios-theme-exfoliation-4.4.5-bp151.4.3.1 as a component of SUSE Package Hub 15 SP1 nagios-www-4.4.5-bp151.4.3.1 as a component of SUSE Package Hub 15 SP1 nagios-www-dch-4.4.5-bp151.4.3.1 as a component of SUSE Package Hub 15 SP1 nagios-4.4.5-lp151.5.4.1 as a component of openSUSE Leap 15.1 nagios-contrib-4.4.5-lp151.5.4.1 as a component of openSUSE Leap 15.1 nagios-devel-4.4.5-lp151.5.4.1 as a component of openSUSE Leap 15.1 nagios-theme-exfoliation-4.4.5-lp151.5.4.1 as a component of openSUSE Leap 15.1 nagios-www-4.4.5-lp151.5.4.1 as a component of openSUSE Leap 15.1 nagios-www-dch-4.4.5-lp151.5.4.1 as a component of openSUSE Leap 15.1 nagios-4.4.6-2.5 as a component of openSUSE Tumbleweed nagios-contrib-4.4.6-2.5 as a component of openSUSE Tumbleweed nagios-devel-4.4.6-2.5 as a component of openSUSE Tumbleweed nagios-theme-exfoliation-4.4.6-2.5 as a component of openSUSE Tumbleweed nagios-www-4.4.6-2.5 as a component of openSUSE Tumbleweed nagios-www-dch-4.4.6-2.5 as a component of openSUSE Tumbleweed nagios as a component of SUSE Linux Enterprise Server 11 SP1 for Teradata nagios as a component of SUSE Linux Enterprise Server 11 SP3 LTSS nagios as a component of SUSE Linux Enterprise Server 11 SP3 for Teradata nagios as a component of SUSE Linux Enterprise Server 11 SP4-LTSS nagios-www as a component of SUSE Linux Enterprise Server 11 SP4-LTSS nagios as a component of SUSE Linux Enterprise Software Bootstrap Kit 12 nagios as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 nagios-devel as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 nagios-www as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. CVE-2018-13441 SUSE Package Hub 15 SP1:nagios-4.4.5-bp151.4.3.1 SUSE Package Hub 15 SP1:nagios-contrib-4.4.5-bp151.4.3.1 SUSE Package Hub 15 SP1:nagios-devel-4.4.5-bp151.4.3.1 SUSE Package Hub 15 SP1:nagios-theme-exfoliation-4.4.5-bp151.4.3.1 SUSE Package Hub 15 SP1:nagios-www-4.4.5-bp151.4.3.1 SUSE Package Hub 15 SP1:nagios-www-dch-4.4.5-bp151.4.3.1 openSUSE Leap 15.1:nagios-4.4.5-lp151.5.4.1 openSUSE Leap 15.1:nagios-contrib-4.4.5-lp151.5.4.1 openSUSE Leap 15.1:nagios-devel-4.4.5-lp151.5.4.1 openSUSE Leap 15.1:nagios-theme-exfoliation-4.4.5-lp151.5.4.1 openSUSE Leap 15.1:nagios-www-4.4.5-lp151.5.4.1 openSUSE Leap 15.1:nagios-www-dch-4.4.5-lp151.5.4.1 openSUSE Tumbleweed:nagios-4.4.6-2.5 openSUSE Tumbleweed:nagios-contrib-4.4.6-2.5 openSUSE Tumbleweed:nagios-devel-4.4.6-2.5 openSUSE Tumbleweed:nagios-theme-exfoliation-4.4.6-2.5 openSUSE Tumbleweed:nagios-www-4.4.6-2.5 openSUSE Tumbleweed:nagios-www-dch-4.4.6-2.5 SUSE Linux Enterprise Server 11 SP1 for Teradata:nagios SUSE Linux Enterprise Server 11 SP3 LTSS:nagios SUSE Linux Enterprise Server 11 SP3 for Teradata:nagios SUSE Linux Enterprise Server 11 SP4-LTSS:nagios SUSE Linux Enterprise Server 11 SP4-LTSS:nagios-www SUSE Linux Enterprise Software Bootstrap Kit 12:nagios SUSE Linux Enterprise Software Development Kit 11 SP4:nagios SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-devel SUSE Linux Enterprise Software Development Kit 11 SP4:nagios-www moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H