Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.3
CVSSv3

CVE-2017-12847

Published: 23/08/2017 Updated: 03/10/2019
CVSS v2 Base Score: 6.3 | Impact Score: 9.2 | Exploitability Score: 3.4
CVSS v3 Base Score: 6.3 | Impact Score: 5.2 | Exploitability Score: 1
VMScore: 561
Vector: AV:L/AC:M/Au:N/C:N/I:C/A:C
Subscribe to Nagios

Vulnerability Summary

Nagios Core prior to 4.3.3 creates a nagios.lock PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for nagios.lock modification before a root script executes a "kill `cat /pathname/nagios.lock`" command.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

nagios nagios

References

CWE-665https://github.com/NagiosEnterprises/nagioscore/issues/404https://github.com/NagiosEnterprises/nagioscore/commit/3baffa78bafebbbdf9f448890ba5a952ea2d73cbhttps://github.com/NagiosEnterprises/nagioscore/commit/1b197346d490df2e2d3b1dcce5ac6134ad0c8752https://github.com/NagiosEnterprises/nagioscore/blob/master/Changeloghttp://www.securityfocus.com/bid/100403https://security.gentoo.org/glsa/201710-20https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XXECVE-2024-34490SQL injectionCVE-2024-34488CVE-2024-4507CVE-2023-7028CVE-2024-23187TCPCVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook