2 matches found
Security Bulletin: Vulnerabilities in nagios affect PowerKVM
Summary PowerKVM is affected by vulnerabilities in magios. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2017-14312 DESCRIPTION: Nagios Core could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the nagios.cfg. By...
CVE-2013-4214
CVE-2013-4214 affects Nagios Core 3.4.4, 3.5.1 and earlier. The issue is a local symlink attack in rss-newsfeed.php: when MAGPIE_CACHE_ON is set to 1, a local attacker can create a symbolic link from a temporary file to a target file in /tmp/magpie_cache, enabling overwriting of arbitrary files w...