6 matches found
GLSA-202007-31 : Icinga: Root privilege escalation
The remote host is affected by the vulnerability described in GLSA-202007-31 Icinga: Root privilege escalation It was discovered that Icingas installed files have insecure permissions, possibly allowing root privilege escalation. Impact : A local attacker could escalate privileges to root...
CVE-2017-16882
Icinga Core through 1.14.0 initially executes bin/icinga as root but supports configuration options in which this file is owned by a non-root account and similarly can have etc/icinga.cfg owned by a non-root account, which allows local users to gain privileges by leveraging access to this non-roo...
CVE-2017-16882
Icinga Core through 1.14.0 initially executes bin/icinga as root but supports configuration options in which this file is owned by a non-root account and similarly can have etc/icinga.cfg owned by a non-root account, which allows local users to gain privileges by leveraging access to this non-roo...
CVE-2017-16882
Technical specifics for CVE-2017-16882 are not provided in the connected documents. The initial entry notes a local privilege escalation in Icinga Core up to v1.14.0 via non-root-owned bin/icinga and icinga.cfg, with related components mentioned. Monitor for updates.
CVE-2017-16882
Icinga Core through 1.14.0 initially executes bin/icinga as root but supports configuration options in which this file is owned by a non-root account and similarly can have etc/icinga.cfg owned by a non-root account, which allows local users to gain privileges by leveraging access to this non-roo...
CVE-2017-16882
Removed by vendor...