CVE-2016-8641

This commit is contained in:
Pedro Sampaio 2018-07-31 19:29:16 -03:00
parent bc80e3975b
commit 15471892c9
No known key found for this signature in database
GPG Key ID: 52CF575BE51B20F4

View File

@ -1,18 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8641",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-8641",
"ASSIGNER": "psampaio@redhat.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Nagios Enterprises",
"product": {
"product_data": [
{
"product_name": "nagios",
"version": {
"version_data": [
{
"version_value": "4.2.x"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8641",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8641",
"refsource": "CONFIRM"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A privilege escalation vulnerability was found in nagios 4.2.x that occurs in daemon-init.in when creating necessary files and insecurely changing the ownership afterwards. It's possible for the local attacker to create symbolic links before the files are to be created and possibly escalating the privileges with the ownership change."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "6.7/CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
[
{
"vectorString": "4.4/AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
]
}
}