19 matches found
EUVD-2016-1281
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-8641
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A privilege escalation vulnerability was found in nagios 4.2.x that occurs in daemon-init.in when creating necessary files and insecurely changing the ownership...
RHEL 7 : nagios (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nagios: Unsafe ownership change leading to privilege escalation CVE-2016-8641 - Cross-site scripting XSS...
RHEL 6 : nagios (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nagios: Unsafe ownership change leading to privilege escalation CVE-2016-8641 - Cross-site scripting XSS...
Fedora 29 : nagios (2019-376ecc221c)
Incorporate many fixes from Justin Paulsen THANKS!!! ---- Updates to nagios-4.4.2 which is a major update. Fixes CVE's CVE-2018-13441 CVE-2016-8641 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempte...
Fedora 28 : nagios (2019-0b44528ff1)
Incorporate many fixes from Justin Paulsen THANKS!!! ---- Updates to nagios-4.4.2 which is a major update. Fixes CVE's CVE-2018-13441 CVE-2016-8641 ---- Remove section which unset nagios Fix BZ1568273 Note that Tenable Network Security has extracted the preceding description block directly from t...
openSUSE Security Update : icinga (openSUSE-2018-1206)
This update for icinga fixes the following issues : Update to 1.14.0 - CVE-2015-8010: Fixed XSS in the icinga classic UI boo952777 - CVE-2016-8641 / CVE-2016-10089: fixed a possible symlink attack for files/dirs created by root boo1011630 and boo1018047 - CVE-2016-0726: removed the pre-configured...
openSUSE: Security Advisory for icinga (openSUSE-SU-2018:3258-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for icinga (moderate)
This update for icinga fixes the following issues: Update to 1.14.0 - CVE-2015-8010: Fixed XSS in the icinga classic UI boo952777 - CVE-2016-8641 / CVE-2016-10089: fixed a possible symlink attack for files/dirs created by root boo1011630 and boo1018047 - CVE-2016-0726: removed the pre-configured...
CVE-2016-8641
CVE-2016-8641 affects Nagios core (notably 4.2.x) where a privilege-escalation flaw exists in daemon-init.in during file creation and post-creation ownership changes. An attacker on the local host could exploit symbolic links created before files are made to escalate privileges via ownership chan...
CVE-2016-10089
A vulnerability was found in Nagios 4.2.4, and earlier, which allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641. Mitigation This flaw, and others like it, are mitigated by enabling hardlink and symlink protections. These...
Hardcoded credentials
Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641...
CVE-2016-10089
Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641...
CVE-2016-10089
Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641...
CVE-2016-10089
Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641...
CVE-2016-10089
Technical details are not publicly available in the provided documents.
CVE-2016-8641
creationtimestamp| type| source ---|---|--- 2016-11-18 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40774...
Nagios 4.2.2 - Privilege Escalation Exploit
Exploit for linux platform in category local exploits Affected Product: Nagios 4 Vulnerability Type: root privilege escalation Fixed in Version: N/A Vendor Website: https://www.nagios.com/ Software Link: : https://sourceforge.net/projects/nagios/files/latest/download?source=directory-featured...
Nagios 4.2.2 - Local Privilege Escalation
Nagios 4.2.2 - Local Privilege Escalation Affected Product: Nagios 4 Vulnerability Type: root privilege escalation Fixed in Version: N/A Vendor Website: https://www.nagios.com/ Software Link: : https://sourceforge.net/projects/nagios/files/latest/download?source=directory-featured Affected Versio...