CVE-2014-8994CVE-2014-8994

Affected configuration(s):

cpe:/a:check_diskio_project:check_diskio:3.2.5

Date published: 2014-11-28T10:59:10.417-05:00

Date last modified: 2017-09-07T21:29:31.183-04:00

CVSS Score: 3.6

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://seclists.org/oss-sec/2014/q4/679

Summary: The check_diskio plugin 3.2.6 and earlier for Nagios and Icinga allows local users to write to arbitrary files via a symlink attack on a temporary file with a predictable name (tmp/check_diskio_status-*-*).

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.