Legal Hacker researcher Dawid Golunski spotted a “High” severity-rated vulnerability in the Nagios Core platform that could allow root privilege escalation.
Nagios is an open source software application which monitors systems networks and infrastructure.
Golunski’s proof of concept allows for privilege escalation from Nagios system account or an account belonging to Nagios group, to root shell, according to the Dec. 15 blog post. The initial vulnerability, CVE-2016-9566, would require the exploitation of another Nagios vulnerability CVE-2016-9565, critical remote code execution flaw, in order to obtain the necessary level of access to carry out the attack.
The flaw stems from the Nagios Core daemon in versions below 4.2.4 being unsafe to perform operations when handling the log file and if exploited, the vulnerability could allow an attacker to fully compromise the system on which a vulnerable version of the application was installed. Those affected should update to Nagios 4.2.4.