CVE-2016-10089

Опубликовано: 15 фев. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.

Ссылки

http://www.openwall.com/lists/oss-security/2016/12/30/6
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/95171
Third Party Advisory
VDB Entry
http://www.openwall.com/lists/oss-security/2016/12/30/6
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/95171
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:nagios:nagios:*:*:*:*:*:*:*:*

Версия до 4.2.4 (включая)

EPSS

Процентиль: 28%

0.00099

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2016-10089

CVSS3: 7.8

ubuntu

почти 9 лет назад

Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.

CVE-2016-10089

CVSS3: 6.7

redhat

около 9 лет назад

Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.

CVE-2016-10089

CVSS3: 7.8

debian

почти 9 лет назад

Nagios 4.3.2 and earlier allows local users to gain root privileges vi ...

GHSA-q77f-5m65-8q6j

CVSS3: 7.8

github

больше 3 лет назад

Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.

SUSE-SU-2018:3240-1

suse-cvrf

больше 7 лет назад

Security update for nagios

EPSS

Процентиль: 28%

0.00099

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-264