SUSE CVE-2013-4214

rss-newsfeed.php in Nagios Core 3.4.4, 3.5.1, and earlier, when MAGPIECACHEON is set to 1, allows local users to overwrite arbitrary files via a symlink attack on /tmp/magpiecache...

Amazon Linux AMI : nagios (ALAS-2017-899)

Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, and Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service crash via a long string in the last key value in...

CVE-2013-4214

CVE-2013-4214 affects Nagios Core 3.4.4, 3.5.1 and earlier. The issue is a local symlink attack in rss-newsfeed.php: when MAGPIE_CACHE_ON is set to 1, a local attacker can create a symbolic link from a temporary file to a target file in /tmp/magpie_cache, enabling overwriting of arbitrary files w...

core: html/rss-newsfeed.php insecure temporary file usage

rss-newsfeed.php in Nagios Core 3.4.4, 3.5.1, and earlier, when MAGPIECACHEON is set to 1, allows local users to overwrite arbitrary files via a symlink attack on /tmp/magpiecache...