Bug 1490858 (CVE-2017-14312) - CVE-2017-14312 nagios: Incorrect file permissions leading to possible privilege escalation
Keywords:
Status: CLOSED WONTFIX
Alias: CVE-2017-14312
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1490859 1490860
Blocks: 1490867
Reported: 2017-09-12 11:48 UTC by Adam Mariš
Modified: 2020-12-14 10:26 UTC

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-06-08 03:25:05 UTC
Embargoed:



Description Adam Mariš 2017-09-12 11:48:45 UTC
Nagios Core through 4.3.4 initially executes /usr/sbin/nagios as root but supports configuration options in which this file is owned by a non-root account (and similarly can have nagios.cfg owned by a non-root account), which allows local users to gain privileges by leveraging access to this non-root account. 

Upstream bug:

https://github.com/NagiosEnterprises/nagioscore/issues/424

Comment 1 Adam Mariš 2017-09-12 11:49:32 UTC
Created nagios tracking bugs for this issue:

Affects: epel-all [bug 1490860]
Affects: fedora-all [bug 1490859]

Comment 2 Jason Shepherd 2017-09-19 04:58:38 UTC
In RHMAP, both the /usr/sbin/nagios and /etc/nagios/nagios.cfg files are owned by root.

sh-4.2$ ls -la /etc/nagios/nagios.cfg 
-rwxrwxrwx. 1 root root 44259 Jun 16 00:13 /etc/nagios/nagios.cfg
sh-4.2$ ls -la /usr/sbin/nagios 
-rwxr-xr-x. 1 root root 713872 Jan 31  2017 /usr/sbin/nagios

Setting RHMAP as not affected.
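
An added example, not part of the bug report or of Nagios: a POSIX shell check for the condition in the Description, run by default against the two paths named there. It assumes GNU coreutils `stat`; the function names are made up for this example, and the group/other write-bit test goes beyond the ownership condition the report describes.

```shell
#!/bin/sh
# Added example (not from the bug report). Assumes GNU coreutils `stat`.
# A file that a root-started process executes or parses should be owned by
# root and must not be writable by group or other.

# check_mode UID OCTAL_MODE: print findings; return 1 if there are any.
check_mode() {
    rc=0
    if [ "$1" -ne 0 ]; then
        echo "owner uid $1 is not root"; rc=1
    fi
    # 022 masks the group-write (020) and other-write (002) bits.
    if [ $(( 0$2 & 022 )) -ne 0 ]; then
        echo "mode $2 is writable by group or other"; rc=1
    fi
    return $rc
}

# check_file PATH: stat the file (following symlinks) and report findings.
check_file() {
    path=$1
    if [ ! -e "$path" ]; then
        echo "$path: not present, skipped"; return 0
    fi
    meta=$(stat -L -c '%u %a' "$path") || return 2
    findings=$(check_mode "${meta% *}" "${meta#* }") && return 0
    printf '%s\n' "$findings" | while IFS= read -r line; do
        printf '%s: %s\n' "$path" "$line"
    done
    return 1
}

# audit_nagios [PATH...]: defaults to the two files named in the report.
audit_nagios() {
    [ $# -gt 0 ] || set -- /usr/sbin/nagios /etc/nagios/nagios.cfg
    failed=0
    for f in "$@"; do
        check_file "$f" || failed=1
    done
    return $failed
}

audit_nagios "$@"
```

The script exits non-zero when any checked file has a finding, so it can gate a package build or a configuration-management run.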

