SANS ISC: NagiosXI 5.2.6 – 5.4.12 unauthenticated exploit chain leads to root access - Internet Security | DShield SANS ISC InfoSec Forums

NagiosXI 5.2.6 – 5.4.12 unauthenticated exploit chain leads to root access
Yesterday (10th of May) Nagios (nagios.com/news/2018/05/security-vulnerability-upgrade-to-nagios-xi-5-4-13/) posted information about several vulnerabilities that have been found in Nagios XI which can be chained and executed without authentication, leading to root access. Nagios users are urged (especially if Nagios is publicly accessible) to upgrade as soon as possible.

The chain consists of the following steps:

* CVE-2018-8734 - SQL injection (unauthenticated)
* CVE-2018-8733 - authentication bypass
* CVE-2018-8735 - command injection (authenticated)
* CVE-2018-8736 - local privilege escalation
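A small inventory triage check for this advisory, added here as an example and not part of the original diary or of Nagios's own tooling: it parses Nagios XI version strings numerically (a plain string compare would sort 5.4.9 after 5.4.12 and miss it) and flags hosts whose version falls inside the affected range 5.2.6 to 5.4.12. The host names and versions are constructed sample data.

```python
import re

# Affected range named in the advisory (inclusive) and the fixed release.
VULN_MIN = (5, 2, 6)
VULN_MAX = (5, 4, 12)
FIXED = (5, 4, 13)

# Constructed sample inventory: host -> reported Nagios XI version string.
SAMPLE_INVENTORY = {
    "nagios-dmz-01": "5.4.9",     # vulnerable; lexical compare would miss it
    "nagios-corp-02": "5.4.13",   # already on the fixed release
    "nagios-lab-03": "5.2.5",     # below the affected range
    "nagios-old-04": "5.4.12",    # top of the affected range
    "nagios-bad-05": "unknown",   # unparsable, must be reviewed by hand
}


def parse_version(text):
    """Parse 'MAJOR.MINOR.PATCH' into a tuple of ints, or None if malformed."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)\.(\d+)\s*", text)
    if not m:
        return None
    return tuple(int(part) for part in m.groups())


def is_vulnerable(text):
    """True if the version lies inside 5.2.6 .. 5.4.12; raises on bad input."""
    v = parse_version(text)
    if v is None:
        raise ValueError(f"unrecognised version string: {text!r}")
    # Tuple comparison is element-wise numeric, so 5.4.9 < 5.4.12 as intended.
    return VULN_MIN <= v <= VULN_MAX


def triage(inventory):
    """Classify each host as 'vulnerable', 'ok' or 'unknown' (unparsable)."""
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = "vulnerable" if is_vulnerable(version) else "ok"
        except ValueError:
            result[host] = "unknown"
    return result


if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host:16} {SAMPLE_INVENTORY[host]:8} {status}")
```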

More detailed information can be found here:
blog.redactedsec.net/exploits/2018/04/26/…

The upgrade is available here (OVA):
assets.nagios.com/downloads/nagiosxi/5/ovf/…
Remco

ISC Handler