CVE-2014-4701

Published: Dec 5, 2014Modified: May 6, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

The check_dhcp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4702.

Affected (1)

Products: Nagios: Nagios

Nagios

1 product

Nagios

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Nagios Nagios	Up to 2.0.1

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (18)

http://legalhackers.com/advisories/nagios-check_dhcp.txt

Source: cve@mitre.org

Exploit

http://nagios-plugins.org/nagios-plugins-2-0-2-released/?utm_source=Nagios.org&utm_medium=News+Post&utm_content=Nagios%20Plugins%202.0.2%20Released&utm_campaign=Nagios%20Plugins

Source: cve@mitre.org

PatchVendor Advisory

http://seclists.org/fulldisclosure/2014/May/74

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/58751

Source: cve@mitre.org

http://secunia.com/advisories/61319

Source: cve@mitre.org

http://www.exploit-db.com/exploits/33387

Source: cve@mitre.org

Exploit

http://www.openwall.com/lists/oss-security/2014/06/30/6

Source: cve@mitre.org

http://www.securityfocus.com/bid/67433

Source: cve@mitre.org

https://www.suse.com/support/update/announcement/2014/suse-su-20141352-1.html

Source: cve@mitre.org

http://legalhackers.com/advisories/nagios-check_dhcp.txt