cvedb.io
CVE-2016-8641
MEDIUM · CVSS 6.7
EPSS exploitation probability: 0%
Published 2018-08-01T14:29:00.253 · Last modified 2026-06-17T00:54:41.070

Summary

A privilege escalation vulnerability was found in nagios 4.2.x that occurs in daemon-init.in when creating necessary files and insecurely changing the ownership afterwards. It's possible for the local attacker to create symbolic links before the files are to be created and possibly escalating the privileges with the ownership change.

Affected products

nagios — nagios

Does this affect you?

Add your gear to cvedb and we'll alert you only when nagios ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.