rpm package
suse/sysuser-tools&distro=SUSE Linux Enterprise Server 12 SP5
pkg:rpm/suse/sysuser-tools&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-3698 | — | < 2.0-1.9.1 | 2.0-1.9.1 | Feb 28, 2020 | UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause cause DoS or potentially escalate privileges by winning a race. This issue | ||
| CVE-2016-9566 | Hig | 7.8 | < 2.0-1.9.1 | 2.0-1.9.1 | Dec 15, 2016 | base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged by remote attackers using CVE-2016-9565. |
- CVE-2019-3698Feb 28, 2020affected < 2.0-1.9.1fixed 2.0-1.9.1
UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause cause DoS or potentially escalate privileges by winning a race. This issue
- affected < 2.0-1.9.1fixed 2.0-1.9.1
base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged by remote attackers using CVE-2016-9565.