Bug 1402869 - (CVE-2016-9566) CVE-2016-9566 nagios: Privilege escalation issue
Status: NEW
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Target Release: ---
Assigned To: Red Hat Product Security
Whiteboard: impact=important,public=20161207,repo...
Keywords: Reopened, Security
Depends On: 1402870 1402871 1406780 1413480 1413481 1413482 1413483
Blocks: 1402874 1415899 1417519
Reported: 2016-12-08 09:08 EST by Adam Mariš
Modified: 2017-02-07 23:12 EST (History)

See Also:
Fixed In Version: nagios 4.2.4
Doc Type: Bug Fix
Doc Text:
A privilege escalation flaw was found in the way Nagios handled log files. An attacker able to control the Nagios logging configuration (the 'nagios' user/group) could use this flaw to elevate their privileges to root.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-01-31 18:07:28 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments: None
Description Adam Mariš 2016-12-08 09:08:40 EST
An unsafe file opening/creation of logging files that can be misused for root privilege escalation was found in base/logging.c.

Upstream patch:

https://github.com/NagiosEnterprises/nagioscore/commit/c29557dec91eba2306f5fb11b8da4474ba63f8c4
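The description names the bug class but not the mechanism, so here is a defensive illustration of what "safe" log-file opening looks like for a daemon that does not fully control the log path: refuse to follow a symlink in the final path component and refuse anything that is not a plain regular file. This is an added example, not the upstream Nagios patch; `open_log_safely`, `demo_symlink_rejected` and the fixture file names are my own, and the ELOOP behaviour assumes Linux semantics for O_NOFOLLOW.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open a log file for appending without trusting the path.
 * O_NOFOLLOW makes open() fail with ELOOP when the last path component is a
 * symlink; the fstat() check then refuses anything that is not a plain regular
 * file with a single link (devices, FIFOs, hard links to other files).
 * Returns an fd >= 0, or -1 with errno set. */
int open_log_safely(const char *path)
{
    int fd = open(path, O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW | O_CLOEXEC, 0640);
    if (fd < 0) return -1;
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_nlink != 1) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* Constructed fixture (hypothetical paths under a mkdtemp() directory): a real
 * log file, an unrelated file, and a symlink named like a log that points at
 * it. Returns 1 when the real log opens and the symlink is refused with ELOOP. */
int demo_symlink_rejected(void)
{
    char dir[] = "/tmp/logdemo.XXXXXX";
    if (mkdtemp(dir) == NULL) return 0;
    char real[256], other[256], link[256];
    snprintf(real, sizeof real, "%s/nagios.log", dir);
    snprintf(other, sizeof other, "%s/unrelated.txt", dir);
    snprintf(link, sizeof link, "%s/linked.log", dir);
    int ofd = open(other, O_WRONLY | O_CREAT, 0600);
    if (ofd < 0 || symlink(other, link) != 0) return 0;
    close(ofd);
    int good = open_log_safely(real);   /* fresh regular file: accepted */
    int bad = open_log_safely(link);    /* symlink: refused, errno == ELOOP */
    int result = (good >= 0 && bad < 0 && errno == ELOOP);
    if (good >= 0) close(good);
    unlink(real); unlink(link); unlink(other); rmdir(dir);
    return result;
}
```

The same check also rejects device nodes such as /dev/null, since fstat() reports them as non-regular files.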
Comment 1 Adam Mariš 2016-12-08 09:09:13 EST
Created nagios tracking bugs for this issue:

Affects: fedora-all [bug 1402870]
Affects: epel-all [bug 1402871]
Comment 5 Jason Shepherd 2016-12-14 23:00:35 EST
An OpenShift user account is required to get access to the RHMAP Monitoring with Nagios, ref:

  https://access.redhat.com/documentation/en/red-hat-mobile-application-platform/4.2/paged/operations-guide/chapter-1-monitoring-rhmap-with-nagios#retrieving-nagios-login-credentials
Comment 7 Andrej Nemec 2016-12-21 04:02:32 EST
References:

http://seclists.org/oss-sec/2016/q4/715
Comment 9 Tim Suter 2017-01-29 22:23:26 EST
Acknowledgements:

Name: Dawid Golunski
Comment 10 errata-xmlrpc 2017-01-31 00:53:37 EST
This issue has been addressed in the following products:

  Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7

Via RHSA-2017:0214 https://rhn.redhat.com/errata/RHSA-2017-0214.html
Comment 11 errata-xmlrpc 2017-01-31 00:55:01 EST
This issue has been addressed in the following products:

  Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7

Via RHSA-2017:0213 https://rhn.redhat.com/errata/RHSA-2017-0213.html
Comment 12 errata-xmlrpc 2017-01-31 00:56:21 EST
This issue has been addressed in the following products:

  Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6

Via RHSA-2017:0212 https://rhn.redhat.com/errata/RHSA-2017-0212.html
Comment 13 errata-xmlrpc 2017-01-31 00:57:52 EST
This issue has been addressed in the following products:

  Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7

Via RHSA-2017:0211 https://rhn.redhat.com/errata/RHSA-2017-0211.html
Comment 15 errata-xmlrpc 2017-02-07 06:16:45 EST
This issue has been addressed in the following products:

  Red Hat Gluster Storage 3.1 for RHEL 6

Via RHSA-2017:0259 https://rhn.redhat.com/errata/RHSA-2017-0259.html
Comment 16 errata-xmlrpc 2017-02-07 06:17:48 EST
This issue has been addressed in the following products:

  Red Hat Gluster Storage 3.1 for RHEL 7

Via RHSA-2017:0258 https://rhn.redhat.com/errata/RHSA-2017-0258.html