Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:nagios:nagios:4.3.0:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-13441 |
qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. Published: July 12, 2018; 2:29:00 PM -0400 |
V4.0:(not available) V3.0: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2017-12847 |
Nagios Core before 4.3.3 creates a nagios.lock PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for nagios.lock modification before a root script executes a "kill `cat /pathname/nagios.lock`" command. Published: August 23, 2017; 5:29:00 PM -0400 |
V4.0:(not available) V3.0: 6.3 MEDIUM V2.0: 6.3 MEDIUM |