PT-2017-7726 · Nagios+1 · Nagios+1

Published

2017-02-15

·

Updated

2018-11-05

·

CVE-2016-10089

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Nagios versions 4.3.2 and earlier
Description The issue allows local users to gain root privileges via a hard link attack on the Nagios init script file.
Recommendations For Nagios versions 4.3.2 and earlier, update to a version later than 4.3.2 to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2016-10089
OPENSUSE-SU-2018_3258-1
SUSE-SU-2018:3240-1
SUSE-SU-2018:3620-1
SUSE-SU-2018_3240-1

Affected Products

Nagios
Suse