CVE-2019-3698

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-3698

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-3698.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-3698

Related

Published

2020-02-28T14:15:09Z

Modified

2024-09-03T02:51:23.468999Z

Severity

7.0 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause cause DoS or potentially escalate privileges by winning a race. This issue affects: SUSE Linux Enterprise Server 12 nagios version 3.5.1-5.27 and prior versions. SUSE Linux Enterprise Server 11 nagios version 3.0.6-1.25.36.3.1 and prior versions. openSUSE Factory nagios version 4.4.5-2.1 and prior versions.

References

Affected packages

Git / github.com/nagiosenterprises/nagioscore

Affected ranges

Type: GIT
Repo: https://github.com/nagiosenterprises/nagioscore
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

5e0dbec06cf5f6a4201335da9e8f3557bcd9fa06

Affected versions

nagios-1.*

nagios-1.0a6

nagios-1.0a7

nagios-1.0b1

nagios-1.0b2

nagios-1.0b3

nagios-1.0b4

nagios-1.0b5

nagios-1.0b6

nagios-2.*

nagios-2.0

nagios-2.0.b5

nagios-2.0b1

nagios-2.0b2

nagios-2.0b3

nagios-2.0b4

nagios-2.0b6

nagios-2.0rc1

nagios-3.*

nagios-3.0a1

nagios-3.0a2

nagios-3.0a3

nagios-3.0a4

nagios-3.0a5

nagios-3.0b1

nagios-3.0b2

nagios-3.0b3

nagios-3.0b4

nagios-3.0b5