Vulnerability Name:

CVE-2018-13441 (CCN-146861)

Assigned:2018-07-11
Published:2018-07-11
Updated:2020-04-11
Summary:qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
CVSS v3 Severity:5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
4.9 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:U/RC:R)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
3.5 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:U/RC:R)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-476
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2018-13441

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2020:0500

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2020:0517

Source: XF
Type: UNKNOWN
nagios-cve201813441-dos(146861)

Source: CCN
Type: GitHub Web site
Nagios Core qh_help Denial of Service

Source: MISC
Type: Exploit, Third Party Advisory
https://gist.github.com/fakhrizulkifli/8df4a174158df69ebd765f824bd736b8

Source: CONFIRM
Type: Release Notes
https://knowledge.opsview.com/v5.3/docs/whats-new

Source: CONFIRM
Type: Release Notes
https://knowledge.opsview.com/v5.4/docs/whats-new

Source: CCN
Type: Packet Storm Security [07-25-2018]
Nagios Core 4.4.1 Local Denial Of Service

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [07-24-2018]

Source: EXPLOIT-DB
Type: Exploit, Third Party Advisory, VDB Entry
45082

Source: CCN
Type: Nagios Web site
Nagios Monitoring Solutions

Vulnerable Configuration:Configuration 1:
  • cpe:/a:nagios:nagios:*:*:*:*:*:*:*:* (Version <= 4.4.1)

    • Configuration CCN 1:
  • cpe:/a:nagios:nagios_core:4.4.1:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:201813441
    V
    		CVE-2018-13441
    2022-06-30
    oval:org.opensuse.security:def:113010
    P
    		nagios-4.4.6-2.5 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:93586
    P
    		 (Important)
    2021-12-01
    oval:org.opensuse.security:def:106456
    P
    		Security update for ruby2.5 (Important)
    2021-12-01
    oval:org.opensuse.security:def:64618
    P
    		Security update for postgresql13 (Important)
    2021-11-22
    oval:org.opensuse.security:def:74672
    P
    		Security update for ncurses (Moderate)
    2021-10-20
    oval:org.opensuse.security:def:64560
    P
    		Security update for krb5 (Important)
    2021-08-20
    oval:org.opensuse.security:def:63509
    P
    		postgresql-test-13-8.30 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:62835
    P
    		vorbis-tools-1.4.0-1.53 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:62803
    P
    		libnma0-1.8.24-5.2 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:63013
    P
    		groovy-lib-2.4.21-3.3.2 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:62807
    P
    		libplist++-devel-2.0.0-1.31 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:62810
    P
    		libraptor-devel-2.0.15-9.3.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:64730
    P
    		Security update for sqlite3 (Important)
    2021-07-14
    oval:org.opensuse.security:def:100299
    P
    		 (Important)
    2021-06-17
    oval:org.opensuse.security:def:64458
    P
    		Security update for xen (Important)
    2021-04-06
    oval:org.opensuse.security:def:63306
    P
    		subversion-server-1.10.6-3.6.2 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:74805
    P
    		Security update for nagios (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64350
    P
    		libmpfr6 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:63656
    P
    		Security update for MozillaFirefox, mozilla-nspr and mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:64351
    P
    		libmspack-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:63885
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:64214
    P
    		autofs on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:110467
    P
    		Security update for nagios (Moderate)
    2020-04-11
    oval:com.ubuntu.cosmic:def:201813441000
    V
    		CVE-2018-13441 on Ubuntu 18.10 (cosmic) - medium.
    2018-07-12
    oval:com.ubuntu.cosmic:def:2018134410000000
    V
    		CVE-2018-13441 on Ubuntu 18.10 (cosmic) - medium.
    2018-07-12
    oval:com.ubuntu.disco:def:2018134410000000
    V
    		CVE-2018-13441 on Ubuntu 19.04 (disco) - medium.
    2018-07-12
    BACK
    nagios nagios *
    nagios nagios core 4.4.1