A vulnerability in PNP4Nagios which may allow local attackers to gain root privileges.
|Package||net-analyzer/pnp4nagios on all architectures|
|Affected versions||< 0.6.26-r9|
|Unaffected versions||>= 0.6.26-r9|
PNP4Nagios is an addon for the Nagios Network Monitoring System.
It was found that PHP4Nagios creates files owned by an unprivileged user that are used by root.
A local attacker could escalate privileges to root.
There is no known workaround at this time.
All PNP4Nagios users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-analyzer/pnp4nagios-0.6.26-r9"
June 24, 2018
June 24, 2018: 1