oss-sec mailing list archives
CVE requests: nagios check_dhcp plug-in: read parts of INI config files belonging to root
From: Murray McAllister <mmcallis () redhat com>
Date: Mon, 30 Jun 2014 16:24:16 +1000
Good morning,

Dawid Golunski discovered a flaw in the Nagios check_dhcp plugin that allows "Malicious user that has local access to a system where check_dhcp plugin is installed with SUID could exploit this vulnerability to read any INI format config files owned by root and potentially extract some sensitive information.":

http://seclists.org/fulldisclosure/2014/May/74

This was fixed in version 2.0.2:

<http://nagios-plugins.org/nagios-plugins-2-0-2-released/>

Dawid later reported a race condition. Despite the above fix, it was still possible to read parts of root-owned files:

http://seclists.org/fulldisclosure/2014/Jun/141

This was fixed in version 2.0.3:

<http://nagios-plugins.org/nagios-plugins-2-0-3-released/>

Can CVEs please be assigned if they have not been already?

Thanks,

--
Murray McAllister / Red Hat Product Security