CVE-2014-4703

Name of the Vulnerable Software and Affected Versions Nagios Plugins version 2.0.2

Description The issue allows local users to obtain sensitive information via a symlink attack on the configuration file in the extra-opts flag. This problem exists due to an incomplete fix for a previous issue.

Recommendations For Nagios Plugins version 2.0.2, consider updating to a newer version that fully addresses the incomplete fix, or as a temporary workaround, restrict access to the configuration file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.