CVE-2013-4214 Information

Description

rss-newsfeed.php in Nagios Core 3.4.4 3.5.1 and earlier when MAGPIE_CACHE_ON is set to 1 allows local users to overwrite arbitrary files via a symlink attack on /tmp/magpie_cache.

Reference

http://rhn.redhat.com/errata/RHSA-2013-1526.html http://www.securityfocus.com/bid/61747 https://bugzilla.redhat.com/show_bug.cgi?id=958002 https://www.nagios.org/projects/nagios-core/history/4x/