[Git][security-tracker-team/security-tracker][master] 2 commits: Clarify status for CVE-2014-470{1,3}

Salvatore Bonaccorso carnil at debian.org
Fri Sep 28 22:37:32 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e2beca2f by Salvatore Bonaccorso at 2018-09-28T21:20:22Z
Clarify status for CVE-2014-470{1,3}

- - - - -
dfd15f50 by Salvatore Bonaccorso at 2018-09-28T21:33:10Z
Update status for CVE-2014-470{1,2,3}/monitoring-plugins

The issues were fixed differently in the monitoring-plugins codebasis.
Upstream of monitoring-plugins did in the fix decide to drop privileges
before reading file. Thiw as adressed in

https://github.com/monitoring-plugins/monitoring-plugins/commit/48025ff39c3a78b7805bf803ac96730cef53e15c

which is included in the initial upload of monitoring-plugins for
Debian. As such CVE-2014-4703 as well (as being a CVE for an incomplete
fix specifically for nagios-plugins does not affect montoring-plugins)

As a note for people wanting to backport the fixed for nagios-plugins
itself for older versions: For nagios-plugins specifically the fix could
be extracted by the diff of the tarballs for 2.0.1 to 2.0.2 for
CVE-2014-470{1,2} limiting to lib/parse_ini.c and for CVE-2014-4703 for
the changes in lib/parse_ini.c between 2.0.2 and 2.0.3.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -171326,23 +171326,26 @@ CVE-2014-3771 (TeamPass before 2.1.20 allows remote attackers to bypass access .
 	- teampass <itp> (bug #730180)
 	NOTE: https://github.com/nilsteampassnet/TeamPass/commit/fd549b245c0f639a8d47bf4f74f92c37c053706f
 CVE-2014-4703 (lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain ...)
-	- nagios-plugins <removed> (unimportant)
+	- nagios-plugins <not-affected> (incomplete fix for CVE-2014-4701 not applied)
 	NOTE: check_dhcp is not installed with root suid permissions in Debian
 	NOTE: http://seclists.org/fulldisclosure/2014/Jun/141
-	- monitoring-plugins <undetermined> (unimportant)
-	[jessie] - monitoring-plugins <no-dsa> (Minor issue, setuid bit not set by default.)
+	NOTE: Introduced due to incomplete fix for CVE-2014-4701 in 2.0.2.
+	- monitoring-plugins <not-affected> (Vulnerable code not present, fix for CVE-2014-4701 adressed differently directly by dropping privileges)
 CVE-2014-4702 (The check_icmp plugin in Nagios Plugins before 2.0.2 allows local ...)
 	- nagios-plugins <removed> (unimportant)
 	NOTE: http://seclists.org/fulldisclosure/2014/May/74
+	NOTE: Fixed in nagios-plugins 2.0.2
 	NOTE: check_imcp is not installed with root suid permissions in Debian
-	- monitoring-plugins <undetermined> (unimportant)
-	[jessie] - monitoring-plugins <no-dsa> (Minor issue, setuid bit not set by default.)
+	- monitoring-plugins <not-affected> (Fixed with initial upload to Debian)
+	NOTE: https://github.com/monitoring-plugins/monitoring-plugins/commit/48025ff39c3a78b7805bf803ac96730cef53e15c
 CVE-2014-4701 (The check_dhcp plugin in Nagios Plugins before 2.0.2 allows local ...)
 	- nagios-plugins <removed> (unimportant)
 	NOTE: check_dhcp is not installed with root suid permissions in Debian
 	NOTE: http://seclists.org/fulldisclosure/2014/May/74
-	- monitoring-plugins <undetermined> (unimportant)
-	[jessie] - monitoring-plugins <no-dsa> (Minor issue, setuid bit not set by default.)
+	NOTE: fixed in nagios-plugins 2.0.2 (but needs to be made complete to not open
+	NOTE: CVE-2014-4703) and thus include the fix from 2.0.3 upstream.
+	- monitoring-plugins <not-affected> (Fixed with initial upload to Debian)
+	NOTE: https://github.com/monitoring-plugins/monitoring-plugins/commit/48025ff39c3a78b7805bf803ac96730cef53e15c
 CVE-2014-3776 (Buffer overflow in the "read-u8vector!" procedure in the srfi-4 unit ...)
 	- chicken 4.9.0-1 (bug #748904)
 	[squeeze] - chicken <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/98d59a660ba6d503e25159cc7765c9547a7a7f4d...dfd15f500c45dcb9546b32e6f62bfd73fd9bc27f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/98d59a660ba6d503e25159cc7765c9547a7a7f4d...dfd15f500c45dcb9546b32e6f62bfd73fd9bc27f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180928/caf6547b/attachment.html>

More information about the debian-security-tracker-commits mailing list