Описание
lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a symlink attack on the configuration file in the extra-opts flag. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4701.
Отчет
This issue did not affect the versions of nagios-plugins as shipped with Red Hat Enterprise Linux OpenStack Platform.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenStack Platform 3 | nagios-plugins | Not affected | ||
| Red Hat OpenStack Platform 4 | nagios-plugins | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
4.4 Medium
CVSS2
Связанные уязвимости
lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a symlink attack on the configuration file in the extra-opts flag. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4701.
lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a symlink attack on the configuration file in the extra-opts flag. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4701.
lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain s ...
lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a symlink attack on the configuration file in the extra-opts flag. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4701.
EPSS
4.4 Medium
CVSS2