CVSS: 7.8EPSS: 92%CPEs: 1EXPL: 2CVE-2016-9566 – Nagios < 4.2.4 - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-9566
base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged by remote attackers using CVE-2016-9565. base/logging.c en Nagios Core en versiones anteriores a 4.2.4 permite a usuarios locales con acceso a una cuenta en el grupo nagios obtener privilegios a través de un ataque de symlink al archivo de inicio de sesión. NOTA: esto puede ser aprovechado por atacantes remotos usando CVE-2016-9565. A privilege escalation flaw was found in the way Nagios handled log files. An attacker able to control the Nagios logging configuration (the 'nagios' user/group) could use this flaw to elevate their privileges to root. • https://www.exploit-db.com/exploits/40921 http://rhn.redhat.com/errata/RHSA-2017-0211.html http://rhn.redhat.com/errata/RHSA-2017-0212.html http://rhn.redhat.com/errata/RHSA-2017-0213.html http://rhn.redhat.com/errata/RHSA-2017-0214.html http://rhn.redhat.com/errata/RHSA-2017-0258.html http://rhn.redhat.com/errata/RHSA-2017-0259.html http://seclists.org/fulldisclosure/2016/Dec/58 http://www.securityfocus.com/bid/94919 http://www.securitytracker.com/id/103748 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2016-8641 – Nagios 4.2.2 - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-8641
A privilege escalation vulnerability was found in nagios 4.2.x that occurs in daemon-init.in when creating necessary files and insecurely changing the ownership afterwards. It's possible for the local attacker to create symbolic links before the files are to be created and possibly escalating the privileges with the ownership change. Se ha encontrado una vulnerabilidad de escalado de privilegios en nagios 4.2.x que ocurre en daemon-init.in al crear archivos necesarios y, posteriormente, cambiar de forma no segura la propiedad. Es posible que el atacante local cree vínculos simbólicos antes de que se creen los archivos y escale privilegios con el cambio de propiedad. Nagios versions 2.x through 4.x suffer from a local privilege escalation vulnerability. • https://www.exploit-db.com/exploits/40774 http://www.securityfocus.com/bid/95121 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8641 https://github.com/NagiosEnterprises/nagioscore/commit/f2ed227673d3b2da643eb5cad26b2d87674f28c1.patch https://security.gentoo.org/glsa/201702-26 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •