Privilege Escalation Vulnerability in Nagios Plugins by Nagios
CVE-2013-4215

Currently unrated

Key Information:

Vendor

Nagios

Status
Plugins
Vendor
CVE Published:
5 May 2014

What is CVE-2013-4215?

A local privilege escalation vulnerability exists in Nagios Plugins version 1.4.16 due to improper handling of symlinks in the IPXPING_COMMAND function located in contrib/check_ipxping.c. This flaw allows local users to exploit the system by creating a symlink to a file in the /tmp/ipxping/ directory, thereby gaining unauthorized privileges. This vulnerability underscores the importance of secure file handling and the need for proper validation in executing commands that interact with system files.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://tracker.nagios.org/view.php?id=451
x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=957482
x_refsource_MISC
http://seclists.org/oss-sec/2013/q3/310
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.