Escalation Vulnerability

Nollins
Posts: 4
Joined: Mon Jul 18, 2016 3:13 am

Escalation Vulnerability

Post by Nollins »

Hello

This may be something that cannot be resolved but I thought I would check - we have a Qualys scanner and it flagged an issue with Nagios Core 4.3.4.

QID- 370766
Nagios Core Local Privilege Escalation Vulnerability.

Nagios Core initially executes /usr/sbin/nagios as root but supports configuration options in which this file is owned by a non-root account (and similarly can have nagios.cfg owned by a non-root account), which allows local users to gain privileges by leveraging access to this non-root account.

It states no fixes are available, but I thought I would check.

Thank you

Chris
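An added example (not part of the original post and not Nagios project code): a shell audit for the condition the scanner text describes, reporting whether a file that a root-started daemon executes or reads is owned by a non-root account or is group/other writable. Checking the parent directory as well goes beyond the finding text. The script assumes GNU `stat`, takes the paths as arguments, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: ownership audit for files a root-started daemon executes
# or parses. Assumes GNU coreutils stat (-c). Usage (script name is
# hypothetical): sh audit_root_paths.sh /usr/sbin/nagios <path to nagios.cfg>

# classify UID MODE: prints the finding and returns 1 unless the object is
# owned by uid 0 and has no group/other write bit set.
classify() {
    msg=""
    [ "$1" -eq 0 ] || msg="owner uid $1 is not root"
    if [ $(( 0$2 & 022 )) -ne 0 ]; then
        msg="${msg:+$msg; }mode $2 is group/other writable"
    fi
    [ -z "$msg" ] && return 0
    echo "$msg"
    return 1
}

# audit_path PATH: checks the file and its parent directory, because
# whoever can write to the directory can replace the file inside it.
# Returns 0 (clean), 1 (finding) or 2 (path missing).
audit_path() {
    [ -e "$1" ] || { echo "MISSING $1"; return 2; }
    status=0
    for p in "$1" "$(dirname "$1")"; do
        uid=$(stat -L -c %u "$p")    # -L: judge the symlink target
        mode=$(stat -L -c %a "$p")
        if finding=$(classify "$uid" "$mode"); then
            echo "OK   $p"
        else
            echo "FAIL $p: $finding"
            status=1
        fi
    done
    return $status
}

# Run only when paths are given on the command line.
if [ "$#" -gt 0 ]; then
    rc=0
    for f in "$@"; do audit_path "$f" || rc=1; done
    exit "$rc"
fi
```

A `FAIL` line names the account or mode to correct; a sticky, world-writable parent such as `/tmp` is reported too, which is deliberately conservative.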
tmcdonald
Posts: 9117
Joined: Mon Sep 23, 2013 8:40 am

Re: Escalation Vulnerability

Post by tmcdonald »

The latest release is 4.3.4 so there is not a published fix available. When it is, the changelog will reflect it here: https://github.com/NagiosEnterprises/na ... /Changelog
Former Nagios employee
Nollins
Posts: 4
Joined: Mon Jul 18, 2016 3:13 am

Re: Escalation Vulnerability

Post by Nollins »

Thank you - do you know if this issue is resolved in Nagios XI?
tmcdonald
Posts: 9117
Joined: Mon Sep 23, 2013 8:40 am

Re: Escalation Vulnerability

Post by tmcdonald »

As Nagios XI runs Nagios Core under the hood, it would still be affected, yes.
Former Nagios employee