Werk #983: Fix security issue in code of row selections (checkboxes) (CVSS 4.9 AV:N/AC:M/Au:S/C:N/I:P/A:P)

Component

User interface

Title

Fix security issue in code of row selections (checkboxes) (CVSS 4.9 AV:N/AC:M/Au:S/C:N/I:P/A:P)

Date

May 27, 2014

Level

Prominent Change

Class

Security Fix

Compatibility

Compatible - no manual interaction needed

Checkmk versions & editions

1.2.5i4 Not yet released	Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)
1.2.5i4 Not yet released	Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)
1.2.5i4 Not yet released	Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)
1.2.5i4 Not yet released	Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)
1.2.5i4 Not yet released	Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)
1.2.5i4 Not yet released	Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)
1.2.5i4 Not yet released	Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)
1.2.5i4 Not yet released	Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)
1.2.5i4	Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)

The fixed weakness was:

The check_mk application does allow an attacker to write check_mk config files (.mk files) on arbitrary locations on the server filesystem.