CVE-2016-8641 in Nagiosinfo

Summary

A privilege escalation vulnerability was found in nagios 4.2.x that occurs in daemon-init.in when creating necessary files and insecurely changing the ownership afterwards. It's possible for the local attacker to create symbolic links before the files are to be created and possibly escalating the privileges with the ownership change.

Be aware that VulDB is the high quality source for vulnerability data.

Responsible

Red Hat, Inc.

Reservation

10/12/2016

Disclosure

08/01/2018

Moderation

VulDB entry created

Entries

VDB-122464 (1)

CPE

ready

CWE

CWE-59 (Confirmed)

Exploit

Download

CVSS

6.8

EPSS

0.00839

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-8641
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-8641
CVE Details	https://www.cvedetails.com/cve/CVE-2016-8641/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!