CVE-2014-4701

Nagios Plugins <2.0.2 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-4701. PoCs published by Dawid Golunski.

AI-analyzed exploit summary The exploit demonstrates an arbitrary file read vulnerability in Nagios Plugins' check_dhcp (v2.0.1 or older) due to improper privilege handling. By leveraging the SUID bit and the --extra-opts option, an unprivileged user can read root-owned INI files, exposing sensitive data like passwords.

Description

The check_dhcp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4702.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Dawid Golunski · textlocallinux

https://www.exploit-db.com/exploits/33387

View Code ZIP pw:eip

The exploit demonstrates an arbitrary file read vulnerability in Nagios Plugins' check_dhcp (v2.0.1 or older) due to improper privilege handling. By leveraging the SUID bit and the --extra-opts option, an unprivileged user can read root-owned INI files, exposing sensitive data like passwords.

Classification

Working Poc 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Nagios Plugins check_dhcp <= 2.0.1

No auth needed

Prerequisites: Local access to a system with vulnerable check_dhcp SUID binary · Presence of INI-formatted config files owned by root

MITRE ATT&CK