Debian: Security Advisory (DLA-751-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2017-0045)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-1615-1 : nagios3 security update

Several issues were corrected in nagios3, a monitoring and management system for hosts, services and networks. CVE-2018-18245 Maximilian Boehner of usd AG found a cross-site scripting XSS vulnerability in Nagios Core. This vulnerability allows attackers to place malicious JavaScript code into the...

Debian: Security Advisory (DLA-1615-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1615-1] nagios3 security update

Package : nagios3 Version : 3.5.1.dfsg-2+deb8u1 CVE ID : CVE-2013-7108 CVE-2013-7205 CVE-2014-1878 CVE-2016-9566 CVE-2018-18245 Debian Bug : 771466 823721 917138 Several issues were corrected in nagios3, a monitoring and management system for hosts, services and networks. CVE-2018-18245 Maximilia...

Ubuntu 14.04 LTS / 16.04 LTS : Nagios regression (USN-3253-2)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3253-2 advisory. USN-3253-1 fixed vulnerabilities in Nagios. The update prevented log files from being displayed in the web interface. This update fixes the problem. W...

Ubuntu: Security Advisory (USN-3253-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS : Nagios vulnerabilities (USN-3253-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3253-1 advisory. It was discovered that Nagios incorrectly handled certain long strings. A remote authenticated attacker could use this issue to cause Nagios ...

Ubuntu: Security Advisory (USN-3253-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: nagios security update

An update for nagios is now available for Red Hat Gluster Storage 3.1 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: nagios security update

An update for nagios is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: nagios security update

An update for nagios is now available for Red Hat Enterprise Linux OpenStack Platform 6.0 Juno for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

openSUSE Security Update : icinga (openSUSE-2017-100)

This update for icinga includes various upstream fixes and the following security security fixes : - icinga was updated to version 1.14.0 - the classic-UI was vulnerable to a cross site scripting attack CVE-2015-8010, boo952777 - A user with nagios privileges could have gained root privileges by...

Debian DLA-751-1 : nagios3 security update

Nagios was found to be vulnerable to two security issues that, when combined, lead to a remote root code execution vulnerability. Fortunately, the hardened permissions of the Debian package limit the effect of those to information disclosure, but privilege escalation to root is still possible...

[SECURITY] [DLA 751-1] nagios3 security update

Package : nagios3 Version : 3.4.1-3+deb7u3 CVE ID : CVE-2016-9565 CVE-2016-9566 Nagios was found to be vulnerable to two security issues that, when combined, lead to a remote root code execution vulnerability. Fortunately, the hardened permissions of the Debian package limit the effect of those t...

Nagios 4.2.4 - Privilege Escalation Exploit

Exploit for linux platform in category local exploits ''' Source: https://legalhackers.com/advisories/Nagios-Exploit-Root-PrivEsc-CVE-2016-9566.html ============================================= - Discovered by: Dawid Golunski - dawidatlegalhackers.com - https://legalhackers.com - CVE-2016-9566 -...

Nagios Core < 4.2.4 - Root Privilege Escalation (CVE-2016-9566)

INTRODUCTION ------------------------- Nagios Core daemon in versions below 4.2.4 was found to perform unsafe operations when handling the log file. This could be exploited by malicious local attackers to escalate their privileges from 'nagios' system user, or from a user belonging to 'nagios'...

CVE-2016-9566

base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged by remote attackers using CVE-2016-9565...

CVE-2016-9566

CVE-2016-9566 affects Nagios Core prior to 4.2.4. Local users in the nagios group can gain root privileges via a symlink attack on the debug log file; this vulnerability is noted to be exploit-able in conjunction with CVE-2016-9565. Remediation in the public advisories is to upgrade Nagios Core (...

Nagios 4.2.4 - Local Privilege Escalation

Nagios 4.2.4 - Local Privilege Escalation !/bin/bash Source: https://legalhackers.com/advisories/Nagios-Exploit-Root-PrivEsc-CVE-2016-9566.html Nagios Core 4.2.4 Root Privilege Escalation PoC Exploit nagios-root-privesc.sh ver. 1.0 CVE-2016-9566 Discovered and coded by: Dawid Golunski...