[Git][security-tracker-team/security-tracker][master] CVE-2013-4215,monitoring-plugins: Jessie is not affected.
Markus Koschany
apo at debian.org
Fri Sep 28 13:32:00 BST 2018
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ed6e9cf6 by Markus Koschany at 2018-09-28T12:30:10Z
CVE-2013-4215,monitoring-plugins: Jessie is not affected.
There is no define statement that would allow a symlinking attack on /tmp. The
ipxping command does not exist. The contrib plugins were removed in 2013.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -188438,6 +188438,7 @@ CVE-2013-4215 (The IPXPING_COMMAND in contrib/check_ipxping.c in Nagios Plugins
- nagios-plugins <removed> (unimportant)
NOTE: vulnerable code present, but check_ipxping is neither built nor installed
- monitoring-plugins <undetermined> (unimportant)
+ [jessie] - monitoring-plugins <not-affected> (vulnerable code not present)
CVE-2013-4214 (rss-newsfeed.php in Nagios Core 3.4.4, 3.5.1, and earlier, when ...)
- nagios3 3.5.1-1 (low; bug #719056)
[wheezy] - nagios3 <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ed6e9cf604d922141efcd9d587cf56574b78433d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ed6e9cf604d922141efcd9d587cf56574b78433d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180928/611b102d/attachment.html>
More information about the debian-security-tracker-commits
mailing list