Privilege Escalation via Symlink Attack in Nagios Core

Privilege Escalation via Symlink Attack in Nagios Core

CVE-2016-9566 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged by remote attackers using CVE-2016-9565.

Learn more about our Cis Benchmark Audit For Apple Ios.