Lucene search
Ubuntu.comUB:CVE-2014-4703HistoryDec 05, 2014 - 12:00 a.m.
CVE-2014-4703
2014-12-0500:00:00
ubuntu.com
ubuntu.com
8
0.0004 Low
EPSS
Percentile
15.6%
lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain
sensitive information via a symlink attack on the configuration file in the
extra-opts flag. NOTE: this vulnerability exists because of an incomplete
fix for CVE-2014-4701.
Notes
| Author | Note |
|---|---|
| seth-arnold | Ubuntu wasn’t affected by CVE-2014-4701; further, Ubuntu’s default kernels include Yama-based symlink and hardlink restrictions making the race much less useful. Marked not-affected because we haven’t yet applied fix for CVE-2014-4701. |
Related
prion
prion
Design/Logic Flaw
2014-12-05 16:59:00
Design/Logic Flaw
2014-12-05 16:59:00
Code injection
2014-12-05 16:59:00
debiancve
debiancve
cvelist
cvelist
nessus
nessus
Fedora 21 : nagios-plugins-2.0.3-1.fc21 (2015-12972)
2015-08-18 00:00:00
Fedora 23 : nagios-plugins-2.0.3-1.fc23 (2015-12853)
2015-08-18 00:00:00
Fedora 22 : nagios-plugins-2.0.3-1.fc22 (2015-12987)
2015-08-18 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: nagios-plugins-2.0.3-1.fc21
2015-08-18 05:14:13
[SECURITY] Fedora 22 Update: nagios-plugins-2.0.3-1.fc22
2015-08-18 05:22:12
[SECURITY] Fedora 23 Update: nagios-plugins-2.0.3-1.fc23
2015-08-18 05:28:04
openvas
openvas
Fedora Update for nagios-plugins FEDORA-2015-12987
2015-08-20 00:00:00
Fedora Update for nagios-plugins FEDORA-2015-12972
2015-08-20 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:1352-1)
2021-06-09 00:00:00
ubuntucve
ubuntucve
CVE-2014-4701
2014-12-05 00:00:00
CVE-2014-4702
2014-12-05 00:00:00
cve
cve
CVE-2014-4703
2014-12-05 16:59:08
CVE-2014-4701
2014-12-05 16:59:05