CVE-2016-8641

Name of the Vulnerable Software and Affected Versions nagios version 4.2.x

Description A privilege escalation issue was found in the daemon-init.in component when creating necessary files and changing ownership. This allows a local attacker to create symbolic links before file creation, potentially escalating privileges with the ownership change.

Recommendations For nagios version 4.2.x, consider restricting access to the daemon-init.in component until a patch is available. As a temporary workaround, avoid using the daemon-init.in functionality that involves creating files and changing ownership to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.