(RHSA-2013:1526) Moderate: nagios security update

2013-11-18T05:00:00
ID RHSA-2013:1526
Type redhat
Reporter RedHat
Modified 2018-06-13T01:27:36

Description

Nagios is a program that can monitor hosts and services on your network. It can send email or page alerts when problems arise and when problems are resolved.

Multiple insecure temporary file creation flaws were found in Nagios. A local attacker could use these flaws to cause arbitrary files to be overwritten as the root user via a symbolic link attack. (CVE-2013-2029, CVE-2013-4214)

These issues were discovered by Grant Murphy of the Red Hat Product Security Team.

All users of Nagios are advised to upgrade to these updated packages, which contain backported patches to correct these issues.