It was reported [1] that check_dhcp plugin allow local unprivileged user to read parts of INI config files belonging to root on a local system. It could allow an attacker to obtain sensitive information like passwords that should only be accessible by root user. The vulnerability is due to check_dhcp plugin having Root SUID permissions and inappropriate access control when reading user provided config file (through --extra-opts= option). References: [1]: http://seclists.org/fulldisclosure/2014/May/74
Created nagios-plugins tracking bugs for this issue: Affects: fedora-all [bug 1098548] Affects: epel-all [bug 1098549]
This was fixed in version 2.0.2; however, a race condition was discovered that, even with the patch, allowed root owned files to be read: http://seclists.org/fulldisclosure/2014/Jun/141 Version 2.0.3 corrects this race condition: http://nagios-plugins.org/nagios-plugins-2-0-3-released/
CVE request for the original issue and the later race condition issue: http://www.openwall.com/lists/oss-security/2014/06/30/3
MITRE assigned CVE-2014-4701 to the original check_dhcp report: http://seclists.org/fulldisclosure/2014/May/74 MITRE assigned CVE-2014-4703 to the race condition in check_dhcp: http://seclists.org/fulldisclosure/2014/Jun/141
Statement: This issue did not affect the versions of nagios-plugins as shipped with Red Hat Enterprise Linux OpenStack Platform.
nagios-plugins-2.0.3-1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
nagios-plugins-2.0.3-1.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
nagios-plugins-2.0.3-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
nagios-plugins-2.0.3-1.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.
nagios-plugins-2.0.3-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.