A privilege escalation vulnerability was found in nagios 4.2.x that occurs in daemon-init.in when creating necessary files and insecurely changing the ownership afterwards. It's possible for the local attacker to create symbolic links before the files are to be created and possibly escalating the privileges with the ownership change.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - A privilege escalation vulnerability was found in nagios 4.2.x that occurs in daemon-init.in when creating     necessary files and insecurely changing the ownership afterwards. It's possible for the local attacker to     create symbolic links before the files are to be created and possibly escalating the privileges with the     ownership change. (CVE-2016-8641)

Note that Nessus relies on the presence of the package as reported by the vendor.

Incorporate many fixes from Justin Paulsen <petaris@gmail.com> THANKS!!!

----

Updates to nagios-4.4.2 which is a major update. Fixes CVE's CVE-2018-13441 CVE-2016-8641

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Incorporate many fixes from Justin Paulsen <petaris@gmail.com> THANKS!!!

----

Updates to nagios-4.4.2 which is a major update. Fixes CVE's CVE-2018-13441 CVE-2016-8641

----

Remove section which unset nagios Fix BZ#1568273

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for nagios fixes the following issues :

CVE-2016-8641 / CVE-2016-10089: fixed possible symlink attacks for files/directories created by root (bsc#1011630 / bsc#1018047)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for icinga fixes the following issues :

Update to 1.14.0

  - CVE-2015-8010: Fixed XSS in the icinga classic UI     (boo#952777)

  - CVE-2016-8641 / CVE-2016-10089: fixed a possible symlink     attack for files/dirs created by root (boo#1011630 and     boo#1018047)

  - CVE-2016-0726: removed the pre-configured administrative     account with fixed password for the WebUI - (boo#961115)

The remote host is affected by the vulnerability described in GLSA-201702-26 (Nagios: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Nagios. Please review       the CVE identifiers referenced below for details.
  Impact :

    A local attacker, who either is already Nagios&rsquo;s system user or       belongs to Nagios&rsquo;s group, could potentially escalate privileges.
    In addition, a remote attacker could read or write to arbitrary files by       spoofing a crafted response from the Nagios RSS feed server.
  Workaround :

    There is no known workaround at this time.

ID	Name	Product	Family	Severity
219844	Linux Distros Unpatched Vulnerability : CVE-2016-8641	Nessus	Misc.	high
121443	Fedora 29 : nagios (2019-376ecc221c)	Nessus	Fedora Local Security Checks	high
121442	Fedora 28 : nagios (2019-0b44528ff1)	Nessus	Fedora Local Security Checks	high
118305	SUSE SLES11 Security Update : nagios (SUSE-SU-2018:3240-1)	Nessus	SuSE Local Security Checks	high
118249	openSUSE Security Update : icinga (openSUSE-2018-1206)	Nessus	SuSE Local Security Checks	critical
97269	GLSA-201702-26 : Nagios: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical

Detections

Analytics

CVE-2016-8641

high

Tenable Plugins

high

high

high

high

critical

critical