Description
The check_icmp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4701.
References (6)
Core 6
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/61319
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/58751
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/68293
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2014/06/30/6
Patch, Vendor Advisory x_refsource_confirm
http://nagios-plugins.org/nagios-plugins-2-0-2-released/?utm_source=Nagios.org&utm_medium=News+Post&utm_content=Nagios%20Plugins%202.0.2%20Released&utm_campaign=Nagios%20Plugins
Various Sources vendor-advisory
x_refsource_suse
https://www.suse.com/support/update/announcement/2014/suse-su-20141352-1.html
Scores
EPSS
0.0008
EPSS Percentile
23.8%
Details
CWE
CWE-200
Status
published
Products (1)
nagios/nagios
< 2.0.1
Published
Dec 05, 2014
Tracked Since
Feb 18, 2026