Lucene search
PRIOn knowledge basePRION:CVE-2017-12847HistoryAug 23, 2017 - 9:29 p.m.
Command injection
2017-08-2321:29:00
PRIOn knowledge base
www.prio-n.com
2
Nagios Core before 4.3.3 creates a nagios.lock PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for nagios.lock modification before a root script executes a “kill cat /pathname/nagios.lock” command.
References
www.securityfocus.com/bid/100403
github.com/NagiosEnterprises/nagioscore/blob/master/Changelog
github.com/NagiosEnterprises/nagioscore/commit/1b197346d490df2e2d3b1dcce5ac6134ad0c8752
github.com/NagiosEnterprises/nagioscore/commit/3baffa78bafebbbdf9f448890ba5a952ea2d73cb
github.com/NagiosEnterprises/nagioscore/issues/404
security.gentoo.org/glsa/201710-20
Related
openvas
openvas
Mageia: Security Advisory (MGASA-2017-0437)
2022-01-28 00:00:00
Nagios Privilege Escalation Vulnerability
2017-08-22 00:00:00
Fedora Update for nagios FEDORA-2017-d270e932a3
2017-11-23 00:00:00
ubuntucve
ubuntucve
CVE-2017-12847
2017-08-23 00:00:00
cvelist
cvelist
CVE-2017-12847
2017-08-23 21:00:00
nvd
nvd
CVE-2017-12847
2017-08-23 21:29:00
cve
cve
CVE-2017-12847
2017-08-23 21:29:00
redhatcve
redhatcve
CVE-2017-12847
2017-08-17 11:48:39
mageia
mageia
Updated nagios packages fix security vulnerability
2017-12-02 02:13:21
osv
osv
CVE-2017-12847
2017-08-23 21:29:00
gentoo
gentoo
Nagios: Multiple vulnerabilities
2017-10-18 00:00:00
nessus
nessus
GLSA-201710-20 : Nagios: Multiple vulnerabilities
2017-10-18 00:00:00
Fedora 27 : nagios (2017-d270e932a3)
2018-01-15 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: nagios-4.3.4-3.fc27
2017-11-15 17:56:42