Ubuntu Security Notice 287-1: The nagios CGI scripts did not sufficiently check the validity of the HTTP Content-Length attribute. By sending a specially crafted HTTP request with an invalidly large Content-Length value to the Nagios server, a remote attacker could exploit this to execute arbitrary code with web server privileges.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/46838/USN-287-1.txt
Source: https://packetstormsecurity.com/files/46838/Ubuntu-Security-Notice-287-1.html