Lucene search
HistoryDec 05, 2014 - 4:59 p.m.
CVE-2014-4703
cve
2014
4703
nagios plugins
parse_ini.c
symlink attack
nvd
5.5 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
15.2%
lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a symlink attack on the configuration file in the extra-opts flag. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4701.
| CPE | Name | Operator | Version |
|---|---|---|---|
| nagios:nagios | nagios | eq | 2.0.2 |
Related
prion
prion
Design/Logic Flaw
2014-12-05 16:59:00
Design/Logic Flaw
2014-12-05 16:59:00
Code injection
2014-12-05 16:59:00
debiancve
debiancve
cvelist
cvelist
ubuntucve
ubuntucve
fedora
fedora
[SECURITY] Fedora 22 Update: nagios-plugins-2.0.3-1.fc22
2015-08-18 05:22:12
[SECURITY] Fedora 21 Update: nagios-plugins-2.0.3-1.fc21
2015-08-18 05:14:13
[SECURITY] Fedora 23 Update: nagios-plugins-2.0.3-1.fc23
2015-08-18 05:28:04
nessus
nessus
Fedora 21 : nagios-plugins-2.0.3-1.fc21 (2015-12972)
2015-08-18 00:00:00
Fedora 23 : nagios-plugins-2.0.3-1.fc23 (2015-12853)
2015-08-18 00:00:00
Fedora 22 : nagios-plugins-2.0.3-1.fc22 (2015-12987)
2015-08-18 00:00:00
openvas
openvas
Fedora Update for nagios-plugins FEDORA-2015-12987
2015-08-20 00:00:00
Fedora Update for nagios-plugins FEDORA-2015-12972
2015-08-20 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:1352-1)
2021-06-09 00:00:00
cve
cve
CVE-2014-4702
2014-12-05 16:59:00
CVE-2014-4701
2014-12-05 16:59:00
5.5 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
15.2%
Related for CVE-2014-4703