6.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:C/A:C
0.001 Low
EPSS
Percentile
23.5%
Nagios is a program that can monitor hosts and services on your network. It
can send email or page alerts when problems arise and when problems are
resolved.
Multiple insecure temporary file creation flaws were found in Nagios.
A local attacker could use these flaws to cause arbitrary files to be
overwritten as the root user via a symbolic link attack. (CVE-2013-2029,
CVE-2013-4214)
These issues were discovered by Grant Murphy of the Red Hat Product
Security Team.
All users of Nagios are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | x86_64 | nagios-common | < 3.5.1-2.el6ost | nagios-common-3.5.1-2.el6ost.x86_64.rpm |
RedHat | 6 | x86_64 | nagios-devel | < 3.5.1-2.el6ost | nagios-devel-3.5.1-2.el6ost.x86_64.rpm |
RedHat | 6 | src | nagios | < 3.5.1-2.el6ost | nagios-3.5.1-2.el6ost.src.rpm |
RedHat | 6 | x86_64 | nagios-debuginfo | < 3.5.1-2.el6ost | nagios-debuginfo-3.5.1-2.el6ost.x86_64.rpm |
RedHat | 6 | x86_64 | nagios | < 3.5.1-2.el6ost | nagios-3.5.1-2.el6ost.x86_64.rpm |