Oval Definition:oval:org.opensuse.security:def:20168641
Revision Date:2022-06-30Version:1
Title:CVE-2016-8641
Description:

A privilege escalation vulnerability was found in nagios 4.2.x that occurs in daemon-init.in when creating necessary files and insecurely changing the ownership afterwards. It's possible for the local attacker to create symbolic links before the files are to be created and possibly escalating the privileges with the ownership change.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2016-8641
SUSE-SU-2018:3240-1
SUSE-SU-2018:3620-1
openSUSE-SU-2018:3258-1
Mitre CVE-2016-8641
SUSE CVE-2016-8641
SUSE-SU-2018:3240-1
SUSE-SU-2018:3620-1
openSUSE-SU-2018:3258-1
Platform(s):openSUSE Leap 42.3
openSUSE Tumbleweed
SUSE Linux Enterprise Server 11 SP1-TERADATA
SUSE Linux Enterprise Server 11 SP3-TERADATA
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA
SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP4
Product(s):
Definition Synopsis
  • openSUSE Leap 42.3 is installed
  • AND Package Information
  • icinga-1.14.0-8.3 is installed
  • AND icinga is signed with openSUSE key
  • OR
  • icinga-devel-1.14.0-8.3 is installed
  • AND icinga-devel is signed with openSUSE key
  • OR
  • icinga-doc-1.14.0-8.3 is installed
  • AND icinga-doc is signed with openSUSE key
  • OR
  • icinga-idoutils-1.14.0-8.3 is installed
  • AND icinga-idoutils is signed with openSUSE key
  • OR
  • icinga-idoutils-mysql-1.14.0-8.3 is installed
  • AND icinga-idoutils-mysql is signed with openSUSE key
  • OR
  • icinga-idoutils-oracle-1.14.0-8.3 is installed
  • AND icinga-idoutils-oracle is signed with openSUSE key
  • OR
  • icinga-idoutils-pgsql-1.14.0-8.3 is installed
  • AND icinga-idoutils-pgsql is signed with openSUSE key
  • OR
  • icinga-plugins-downtimes-1.14.0-8.3 is installed
  • AND icinga-plugins-downtimes is signed with openSUSE key
  • OR
  • icinga-plugins-eventhandlers-1.14.0-8.3 is installed
  • AND icinga-plugins-eventhandlers is signed with openSUSE key
  • OR
  • icinga-www-1.14.0-8.3 is installed
  • AND icinga-www is signed with openSUSE key
  • OR
  • icinga-www-config-1.14.0-8.3 is installed
  • AND icinga-www-config is signed with openSUSE key
  • OR
  • monitoring-tools-1.14.0-8.3 is installed
  • AND monitoring-tools is signed with openSUSE key
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND
  • nagios-3.0.6-1.25.36.3 is installed
  • OR nagios-devel-3.0.6-1.25.36.3 is installed
  • OR nagios-www-3.0.6-1.25.36.3 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed
  • AND
  • nagios-3.0.6-1.25.36.3 is installed
  • OR nagios-www-3.0.6-1.25.36.3 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed
  • AND Package Information
  • nagios-3.0.6-1.25.36.3 is installed
  • OR nagios-www-3.0.6-1.25.36.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3-TERADATA is installed
  • AND Package Information
  • nagios-3.0.6-1.25.36.3 is installed
  • OR nagios-www-3.0.6-1.25.36.3 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND
  • nagios-3.0.6-1.25.36.3 is installed
  • OR nagios-devel-3.0.6-1.25.36.3 is installed
  • OR nagios-www-3.0.6-1.25.36.3 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server 11 SP3-TERADATA is installed
  • OR SUSE Linux Enterprise Server 11 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed
  • AND
  • nagios-3.0.6-1.25.36.3 is installed
  • OR nagios-www-3.0.6-1.25.36.3 is installed
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • nagios-4.4.6-2.5 is installed
  • OR nagios-contrib-4.4.6-2.5 is installed
  • OR nagios-devel-4.4.6-2.5 is installed
  • OR nagios-theme-exfoliation-4.4.6-2.5 is installed
  • OR nagios-www-4.4.6-2.5 is installed
  • OR nagios-www-dch-4.4.6-2.5 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server 11 SP3-TERADATA is installed
  • AND
  • nagios-3.0.6-1.25.36.3.1 is installed
  • OR nagios-www-3.0.6-1.25.36.3.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed
  • AND
  • nagios-3.0.6-1.25.36.3.1 is installed
  • OR nagios-www-3.0.6-1.25.36.3.1 is installed
    • BACK