3 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-12847
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nagios Core before 4.3.3 creates a nagios.lock PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary process...
Updated nagios packages fix security vulnerability
It was found that nagios daemon creates its PID file after dropping privileges, which allows to change its content by non-root user with PID of any other process, resulting into denial-of-service when daemon is stopped CVE-2017-12847. Note that the nagios package on Mageia 5 is no longer supporte...
CVE-2017-12847
CVE-2017-12847 affects Nagios Core prior to 4.3.3. After dropping privileges to a non‑root account, Nagios writes a nagios.lock PID file, which a local user could leverage to modify the file and cause a root script to kill an arbitrary process — enabling local privilege‑escalation/DoS as describe...