Medium severity6.7NVD Advisory· Published Aug 1, 2018· Updated Jun 17, 2026
CVE-2016-8641
CVE-2016-8641
Description
A privilege escalation vulnerability was found in nagios 4.2.x that occurs in daemon-init.in when creating necessary files and insecurely changing the ownership afterwards. It's possible for the local attacker to create symbolic links before the files are to be created and possibly escalating the privileges with the ownership change.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- osv-coords6 versionspkg:rpm/opensuse/nagios&distro=openSUSE%20Tumbleweedpkg:rpm/suse/icinga&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/icinga&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/nagios&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/nagios&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/nagios&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4
< 4.4.6-2.5+ 5 more
- (no CPE)range: < 4.4.6-2.5
- (no CPE)range: < 1.13.3-12.3.1
- (no CPE)range: < 1.13.3-12.3.1
- (no CPE)range: < 3.0.6-1.25.36.3.1
- (no CPE)range: < 3.0.6-1.25.36.3.1
- (no CPE)range: < 3.0.6-1.25.36.3.1
Patches
Vulnerability mechanics
References
5- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- github.com/NagiosEnterprises/nagioscore/commit/f2ed227673d3b2da643eb5cad26b2d87674f28c1.patchnvdPatchThird Party Advisory
- www.exploit-db.com/exploits/40774/nvdExploitThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/95121nvdThird Party AdvisoryVDB Entry
- security.gentoo.org/glsa/201702-26nvdThird Party Advisory
News mentions
0No linked articles in our index yet.