Nagios Core Monitoring Tool Patched

Tuesday, December 20, 2016 @ 03:12 PM gHale

Nagios Core monitors IT systems, networks and infrastructure and it just fixed a high severity root privilege vulnerability.

The newest release, version 4.2.4, mitigates the high severity root privilege escalation vulnerability (CVE-2016-9566) discovered by researcher Dawid Golunski, who published a proof-of-concept exploit.

Netgear Fixing Vulnerable Routers
Router Flaw Leads to Hijacking
Router Backdoor Still Under Attack
Hacking Device That Really Works

“Nagios Core daemon in versions below 4.2.4 was found to perform unsafe operations when handling the log file. This could be exploited by malicious local attackers to escalate their privileges from ‘nagios’ system user, or from a user belonging to ‘nagios’ group, to root. The exploit could enable the attackers to fully compromise the system on which a vulnerable Nagios version was installed,” Golunski said in a blog post.

He also pointed out an attacker could obtain the necessary level of access by using this exploit in conjunction with one for a remote code execution vulnerability he discovered and ended up patched in version 4.2.2 of the open source software.

Since exploit code for both is now available, and no mitigations offered, users should implement the update as soon as possible.

Leave a Reply

You must be logged in to post a comment.