SB2018080134 - Link following in Nagios




Published: August 1, 2018
Updated: August 8, 2020

Security Bulletin ID: SB2018080134
Severity: Low
Patch available: YES
Number of vulnerabilities: 1
Exploitation vector: Local access
Highest impact: Code execution

Breakdown by Severity

Low 100%

Description

This security bulletin contains information about 1 security vulnerability.


1) Link following (CVE-ID: CVE-2016-8641)

The vulnerability allows a local authenticated user to execute arbitrary code.

A privilege escalation vulnerability was found in Nagios 4.2.x. It occurs in daemon-init.in, which creates necessary files and then insecurely changes their ownership. A local attacker can create symbolic links before the files are created and possibly escalate privileges through the ownership change.
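
A hardened create-then-own helper that avoids the pattern described above, as an added example that is not part of this bulletin and is not Nagios code. The function name `create_owned` and its return codes are hypothetical, and the paths it is called with are up to the caller.

```shell
#!/bin/sh
# Added example (hypothetical helper, not taken from daemon-init.in).
#
# Pattern the bulletin describes, shown only as a comment for contrast:
#   touch "$file"; chown "$user" "$file"
# Both commands follow a symbolic link found at $file, so the ownership
# change lands on the link's target instead of on a freshly created file.

# create_owned FILE OWNER
# Creates FILE as a new regular file and sets its owner without following links.
# Returns 0 on success,
#         1 if FILE already exists in any form (including a dangling symlink),
#         2 if the ownership change failed.
create_owned() {
    file=$1
    owner=$2

    # Refuse anything already present. -L is needed as well as -e because
    # -e reports "missing" for a symlink whose target does not exist.
    if [ -e "$file" ] || [ -L "$file" ]; then
        return 1
    fi

    # noclobber (set -C) makes the redirection fail rather than reuse an
    # existing file; bash and dash create the new file with O_EXCL, which
    # does not follow a symlink placed there after the check above.
    ( set -C; : > "$file" ) 2>/dev/null || return 1

    # -h applies the change to the path itself, never to a link target.
    chown -h "$owner" "$file" || return 2
    return 0
}
```

Keeping such files in a directory that only root can write to removes the opportunity to pre-create links in the first place; the helper is a second line of defence for scripts that cannot guarantee that.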


Remediation

Install the update from the vendor's website.