Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2017-16933HistoryNov 24, 2017 - 5:29 a.m.
CVE-2017-16933
2017-11-2405:29:00
Debian Security Bug Tracker
security-tracker.debian.org
9
0.0004 Low
EPSS
Percentile
5.2%
etc/initsystem/prepare-dirs in Icinga 2.x through 2.8.1 has a chown call for a filename in a user-writable directory, which allows local users to gain privileges by leveraging access to the $ICINGA2_USER account for creation of a link.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | icinga2 | < 2.8.4-1 | icinga2_2.8.4-1_all.deb |
| Debian | 11 | all | icinga2 | < 2.8.4-1 | icinga2_2.8.4-1_all.deb |
| Debian | 10 | all | icinga2 | < 2.8.4-1 | icinga2_2.8.4-1_all.deb |
| Debian | 999 | all | icinga2 | < 2.8.4-1 | icinga2_2.8.4-1_all.deb |
| Debian | 13 | all | icinga2 | < 2.8.4-1 | icinga2_2.8.4-1_all.deb |
Related
prion
prion
Design/Logic Flaw
2017-11-24 05:29:00
Design/Logic Flaw
2018-02-27 19:29:00
ubuntucve
ubuntucve
CVE-2017-16933
2017-11-24 00:00:00
CVE-2018-6533
2018-02-27 00:00:00
cve
cve
CVE-2017-16933
2017-11-24 05:29:00
CVE-2018-6533
2018-02-27 19:29:00
osv
osv
CVE-2017-16933
2017-11-24 05:29:00
CVE-2018-6533
2018-02-27 19:29:00
cvelist
cvelist
CVE-2017-16933
2017-11-24 05:00:00
CVE-2018-6533
2018-02-27 19:00:00
debiancve
debiancve
CVE-2018-6533
2018-02-27 19:29:00
openvas
openvas
Icinga2 < 2.8.2 Multiple Vulnerabilities
2018-03-02 00:00:00