check_dhcp is vulnerable to information leak when run as suid root
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
nagios-plugins (Ubuntu) | Triaged | Undecided | Unassigned | | |
Bug Description
check_dhcp is shipped to run suid root by default by upstream, but it is not packaged as suid root in Debian or Ubuntu.
This issue has no CVE but is listed at http://
However, if users mark it suid root to make it more useful, then it is vulnerable as described in http://
There is a fix available at https:/
The monitoring-plugins fork has yet to issue a fix.
09:39 <emias> 20:36 <emias> I would simply disallow users to specify a config file path when euid != ruid.
I suggest that we issue an update when one is available for users using a non-default configuration of check_dhcp as suid root. As this is the promoted way of using it upstream, it seems reasonable.
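The check emias suggests above, written out as an added example; it is not code from nagios-plugins, monitoring-plugins or the upstream fix. The names `select_config`, `running_elevated` and `DEFAULT_CONFIG` and the default path are hypothetical, and the set-gid comparison goes beyond the euid/ruid test in the suggestion.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical default location; the plugin's real paths are not on this page. */
#define DEFAULT_CONFIG "/etc/example-plugins.ini"

/* True when the process holds privileges the invoking user does not have
 * (set-uid or set-gid execution). */
static int running_elevated(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    return ruid != euid || rgid != egid;
}

/* Decide which config file may be read.
 * Returns the path to use, or NULL when a user-supplied path must be refused. */
static const char *select_config(const char *user_path,
                                 uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    if (user_path == NULL)
        return DEFAULT_CONFIG;   /* nothing user-controlled to refuse */
    if (running_elevated(ruid, euid, rgid, egid))
        return NULL;             /* file would be read with rights the caller lacks */
    return user_path;
}

/* Same decision, using the credentials of the running process. */
static const char *select_config_for_process(const char *user_path)
{
    return select_config(user_path, getuid(), geteuid(), getgid(), getegid());
}

int main(int argc, char **argv)
{
    const char *requested = argc > 1 ? argv[1] : NULL;
    const char *path = select_config_for_process(requested);

    if (path == NULL) {
        /* Say only why we stopped; never echo file contents or parse errors. */
        fprintf(stderr, "config file path not accepted when euid != ruid\n");
        return 1;
    }
    printf("using config: %s\n", path);
    return 0;
}
```

The decision is made before any file is opened, so a refused path is never read or parsed with root's rights.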
Changed in nagios-plugins (Ubuntu):
status: New → Triaged