Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
nagios cron job allows privilege escalation from user nagios to root
Vulnerability Description
UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause cause DoS or potentially escalate privileges by winning a race. This issue affects: SUSE Linux Enterprise Server 12 nagios version 3.5.1-5.27 and prior versions. SUSE Linux Enterprise Server 11 nagios version 3.0.6-1.25.36.3.1 and prior versions. openSUSE Factory nagios version 4.4.5-2.1 and prior versions.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L
Vulnerability Type
在文件访问前对链接解析不恰当(链接跟随)
Vulnerability Title
Nagios 后置链接漏洞
Vulnerability Description
Nagios是美国Nagios公司的一套开源的免费网络监视工具。 SUSE Linux Enterprise Server 12版本中的Nagios 3.5.1之前版本和SUSE Linux Enterprise Server 11版本中的Nagios 3.0.6之前版本存在后置链接漏洞。本地攻击者可利用该漏洞导致拒绝服务或提升权限。
CVSS Information
N/A
Vulnerability Type
N/A